REvil ransomware attacks systems using Kaseya’s remote IT management software
Just in time to ruin the holiday weekend, ransomware attackers have apparently used Kaseya — a software platform designed to help manage IT services remotely — to deliver their payload. Sophos director and ethical hacker Mark Loman tweeted about the attack earlier today, and now reports that affected systems will demand $44,999 to be unlocked. A note on Kaseya’s website implores customers to shut off their VSA servers for now “because one of the first things the attacker does is shutoff administrative access to the VSA.”
News Flash: cybercriminals are a$$holes.
Keep all the Incident Response teams in mind this holiday weekend as they’re in the thick of it…again.
If you use Kaseya VSA, shut it down *now* until told to reactivate and…