Sign In

Communications of the ACM

ACM TechNews

Mass Ransomware Hack Used IT Software Flaws, Researchers Say


View as: Print Mobile App Share: Send by email Share on reddit Share on StumbleUpon Share on Hacker News Share on Tweeter Share on Facebook
The inner workings of a computer.

Marcus Murray, founder of Stockholm-based TrueSec Inc., said the hackers used a previously unknown flaw in Kaseyas code to push ransomware to servers that used the software and were connected to the Internet.

Credit: Andrey Rudakov

Cybersecurity researchers said the Russia-associated REvil hacker gang was responsible for a mass ransomware attack this past weekend that exploited previously unknown flaws in Kaseya’s information technology (IT) management software.

Marcus Murray at Sweden-based cybersecurity firm TruSec said the victims were targets of opportunity, with REvil pushing ransomware to Internet-linked servers that used flawed VSA software.

The Dutch Institute for Vulnerability Disclosure said it had notified Kaseya of multiple software vulnerabilities exploited by the hackers; the Institute said it was working with Kaseya to patch them when the attack was launched.

Murray said recovery from the attack could take longer than in typical ransomware incidents, because Kaseya plays a core role in managing security and IT.

From Bloomberg
View Full Article

 

Abstracts Copyright © 2021 SmithBucklin, Washington, DC, USA


 

No entries found

Sign In for Full Access
» Forgot Password? » Create an ACM Web Account