A ransomware attack has potentially hit hundreds of companies over the weekend of July 4, an attack by the same group that tried to extort money from Apple in April.
On Friday, it was revealed that IT management company Kaseya has been the focus of a new ransomware attack, which takes care of the software tools it produces. Florida-based Kaseya disclosed that its VSA software was part of a potential security incident, which caused its servers to shut down and notified customers to shut down related VSA servers.
As Kaseya operates a managed service provider (MSP) platform to offer remote support and software update services to other companies, the ransomware could have been distributed using VSA servers to MSP customers. This has the potential to harm hundreds of companies using MSPs that depend on the Kaseya platform.
According to the security firm Huntress talking to Gizmodo, three of its MSP customers had been affected, which could have affected up to 200 smaller companies. “
MSPs with more than thousands of terminals are under attack, “said Huntress Senior Security Researcher John Hammond.” When an MSP is compromised, we have seen evidence that it has been rolled out through the VSA to all MSP customers. “
The US Cybersecurity and Infrastructure Security Agency. issued a statement on Friday, encouraging companies to read Kaseya’s notice and shut down VSA servers immediately.
According to Huntress, the attack is believed to have been caused by the “REvil” ransomware hacking group, a well-known group of cybercriminals. The group has a number of attacks on its name, allegedly including extorting $ 11 million from meat supplier JBS after work at 13 processing plants stopped.
In April, the group claimed it was “negotiating the sale of large amounts of confidential personal data drawings with several major brands” and wanted Apple to pay a ransom to buy back data. The group also threatened to release new data every day until the ransom was paid.
The group appeared to obtain its schematics from Apple’s supply partner, Quanta Computer, and asked Quanta for $ 50 million. How much he asked Apple for the data is unknown.
Stay up-to-date on all things Apple on the weekly AppleInsider podcast and get a quick update on AppleInsider Daily news. Just say “Hi Siri” to your HomePod mini and request these podcasts, and also our latest episode of HomeKit Insider.
If you want an ad-free premier AppleInsider podcast experience, you can support the AppleInsider podcast by subscribing for $ 5 per month via Apple’s Podcasts app, or via Patreon if you prefer any other podcast player.