IT management biz Kaseya's VSA abused to infect businesses with ransomware

2021-07-03 15:50

In what's looking like a nasty supply-chain attack, IT management biz Kaseya's on-prem VSA product was abused to infect its customers and/or their customers with ransomware.

Kaseya meanwhile initially estimated 40 of its own customers worldwide were infected.

It also told its clients to switch off their on-premises VSA data management and remote monitoring services immediately.

"We are experiencing a potential attack against the VSA that has been limited to a small number of on-premise customers only as of 1400 EDT today," it said in a Friday advisory.

"We have been advised by our outside experts that customers who experienced ransomware and receive a communication from the attackers should not click on any links - they may be weaponized," Kaseya's advisory added.

The Florida-based company told The Register it was working with the FBI. It's reported that among the victims is Sweden's grocery store chain Coop, a customer of one of Kaseya's customers, causing 500 stores to remain closed.

News URL

https://go.theregister.com/feed/www.theregister.com/2021/07/03/in_brief_security/

#management #ransomware