The largest ransomware attack to date continued on Monday as more details emerged on how a gang affiliated with Russia broke through the exploited software company. Essentially, the criminals used a malware protection tool to spread it around the world.
Thousands of organizations – mostly firms that remotely manage the IT infrastructure of others – were infected in at least 17 countries in Friday’s attack. Kaseya, whose product has been exploited, said Monday that including several are returning to work.
With the infamous REvil gang attacked just at the beginning of a long July 4th weekend, many more victims should know their fate when they return to the office on Tuesday.
REvil is best known for extorting $ 11 million from meat processor JBS last month. Security researchers said its ability to bypass anti-malware safeguards in this attack and the apparent exploitation of a previously unknown vulnerability on Kaseya servers was the growing …