Security News > 2021 > July > Kaseya: Roughly 1,500 businesses hit by REvil ransomware attack
Kaseya says the REvil supply-chain ransomware attack breached the systems of roughly 60 of its direct customers using the company's VSA on-premises product.
"The attack had limited impact, with only approximately 50 of the more than 35,000 Kaseya customers being breached," Kaseya said in a press release.
Kaseya says it's currently working on the restoration process and readying to roll out a fix for the exploited zero-day to VSA customers.
To deploy ransomware payloads on the systems of Kaseya customers and their clients, the REvil operators exploited a zero-day vulnerability in Kaseya VSA, an RMM software commonly used by MSPs to manage client's networks.
The REvil affiliate behind the attack obtained the zero-day's details and exploited it to deploy the ransomware before Kaseya could start rolling a fix to VSA customers.
"The attackers were able to exploit zero-day vulnerabilities in the VSA product to bypass authentication and run arbitrary command execution," Kaseya explains.
News URL
Related news
- Enzo Biochem settles lawsuit over 2023 ransomware attack for $7.5M (source)
- Medusa ransomware group claims attack on UK's Gateshead Council (source)
- Ransomware attack forces Brit high school to shut doors (source)
- Ransomware gangs pose as IT support in Microsoft Teams phishing attacks (source)
- Security pros more confident about fending off ransomware, despite being battered by attacks (source)
- Only 13% of organizations fully recover data after a ransomware attack (source)
- Ransomware attack at New York blood services provider – donors turned away during shortage crisis (source)
- Ransomware attack disrupts New York blood donation giant (source)
- Indian tech giant Tata Technologies hit by ransomware attack (source)
- US indicts 8Base ransomware operators for Phobos encryption attacks (source)