Ransomware attack of 200 firms by group behind Apple extortion attempt

376
0

A ransomware attack has potentially impacted hundreds of companies on the July 4th weekend, an attack by the same group that attempted to extort Apple in April.

On Friday, it was revealed IT management firm Kaseya has been the focus of a new ransomware attack, that deals with software tools it produces. The Florida-based Kaseya disclosed that its VSA software was part of a potential security incident, prompting the shutdown of its servers and notifying customers to shut down related VSA servers.

As Kaseya operates a platform for managed service providers (MSPs) to offer remote support and software update services to other businesses, ransomware could have been distributed using VSA servers to MSP clients. This has the potential to harm hundreds of companies that use MSPs that rely on Kaseya’s platform.

According to security firm Huntress speaking to Gizmodo, three of its MSP clients had been affected, which could have affected as many as 200 smaller firms. ”

MSPs with over thousands of endpoints are being hit,” said Huntress senior security researcher John Hammond. “When an MSP is compromised, we’ve seen proof that it has spread through the VSA into all the MSP’s customers.”

The U.S. Cybersecurity and Infrastructure Security Agency issued a release on Friday, encouraging companies to read Kaseya’s advisory and to shut down VSA servers immediately.

One very public victim of the attack is Sweden’s supermarket chain Coop, which closed approximately 500 stores out of its 800 branches on Saturday while repairs were made to computer systems affected by the attack. Coop’s MSP was Visma, which used the Kaseya suite.

According to Huntress, it is believed that the attack was caused by the ransomware hacking group “REvil,” a well-known cybercriminal outfit. The group has a string of attacks to its name, including allegedly extorting $11 million out of meat supplier JBS after work at 13 processing plants ground to a halt.

In April, the group claimed it was “negotiating the sale of large quantities of confidential drawings of personal data with several major brands,” and wanted Apple to pay a ransom to buy back data. The group also threatened to publish new data every day until the ransom was paid.

The group seemed to obtain its schematics from Apple supply partner Quanta Computer, and asked Quanta for $50 million. It is unknown how much it asked Apple for the data.

Keep up with everything Apple in the weekly AppleInsider Podcast — and get a fast news update from AppleInsider Daily. Just say, “Hey, Siri,” to your HomePod mini and ask for these podcasts, and our latest HomeKit Insider episode too.

If you want an ad-free main AppleInsider Podcast experience, you can support the AppleInsider podcast by subscribing for $5 per month through Apple’s Podcasts app, or via Patreon if you prefer any other podcast player.

AppleInsider has affiliate partnerships and may earn commission on products purchased through affiliate links. These partnerships do not influence our editorial content.

And governments around the globe think it’s a good idea to undermine Apple’s security. Not smart.

We never heard if Apple/Quanta paid anything. I hope not.

Yeah, send this to, what’s her face

It’s a desk, an exercise bike, and it can also fit under a regular standing desk. The Flexispot Deskcise Pro V9 practically tricks you into getting fitter.

Zhiyun’s Smooth Q3 Gimbal for iPhone comes with a fill-in light geared toward YouTubers and offers robust filming features in a highly compact device.

Apple is planning a massive expansion of its innovation and manufacturing footprint in the U.S., including a new $1 billion engineering hub in Raleigh, North Carolina.

With the launch of the Beats Studio Buds, Apple now has a total of four wireless earbuds it sells to consumers. Here’s how the newcomers face against AirPods, AirPods Pro, and Beats Powerbeats Pro.

Sony launched the WF-1000XM4 wireless earbuds in June, its noise-cancelling rival to the Apple AirPods Pro. Here’s how Sony’s latest stacks up against Apple’s heavy hitter.

Apple has evolved its remote control over time, with each iteration introducing physical improvements and better features. After launching the second-generation Siri Remote, has Apple created its best controller?

In April, Amazon upgraded its Echo Buds to make it a better value-oriented rival to Apple’s AirPods. Here’s how Amazon’s offerings stack up to Apple’s AirPods and AirPods Pro.

Apple’s launch of AirTag puts it into a growing market of tracking accessories, but how does it compare against the Tile Pro and the Find My-enabled Chipolo One Spot? We compare the trackers.

[Read More…]