A ransomware attack on a US IT company potentially targeted 1,000 businesses, researchers said on Saturday, with one of Sweden’s biggest supermarket chains revealing it had to temporarily close about 800 stores after losing access to its checkouts.
Kaseya on Friday evening said that it had limited the attack to “a very small percentage of our customers” who use its signature VSA software — “currently estimated at fewer than 40 worldwide.”
However, cybersecurity firm Huntress Labs said in a Reddit forum that it was working with partners targeted in the attack, and that the software was manipulated “to encrypt more than 1,000 companies.”
Russian-based hackers have been blamed for a string of ransomware attacks, and US President Joe Biden has raised the threat in talks with Russian President Vladimir Putin.
Biden on Saturday ordered a full investigation, while adding that “the initial thinking was it was not the Russian government, but we’re not sure yet.”
Brett Callow, an analyst for cybersecurity company Emsisoft, said that it remained unknown how many companies were affected and that the scale of attack could be “without precedent.”
Ransomware attacks typically involve locking away data in systems using encryption, making companies pay to regain access.
Kaseya describes itself as a leading provider of IT and security management services to small and medium-sized businesses.
VSA, the company’s flagship offering, is designed to let companies manage networks of computers and printers from a single point.
“One of our subcontractors was hit by a digital attack, and that’s why our checkouts aren’t working any more,” Coop Sweden, which accounts for about 20 percent of the country’s supermarket sector, said in a statement.
“We regret the situation and will do all we can to reopen swiftly,” the cooperative added.
Coop Sweden did not name the subcontractor or reveal the hacking method used against it.
However, the Swedish subsidiary of the Visma software group said the problem was linked to the Kaseya attack.
Kaseya became aware of a possible incident with VSA at midday on Friday on the US east coast and “immediately shut down” its servers as a “precautionary measure,” it said.
It also “notified our on-premises customers via email, in-product notes, and phone to shut down their VSA servers to prevent them from being compromised.”
SOURCE IDENTIFIED
“We believe that we have identified the source of the vulnerability and are preparing a patch to mitigate it,” the company said in a statement.
According to the New Zealand government’s Computer Emergency Response Team, the attackers were from a hacking group known as REvil.
REvil was also, according to the FBI, behind last month’s attack on JBS, one of the world’s biggest meat processors, which ended with the Brazil-based company paying bitcoin worth US$11 million to the hackers.
The US Cybersecurity and Infrastructure Security Agency said that it was “taking action to understand and address the recent supply-chain ransomware attack” against Kaseya VSA and the service providers using its software.
“This is one of the largest, most widespread ransomware attacks I’ve seen in my career,” said Alfred Saikali of law firm Shook, Hardy & Bacon.
“I have never seen this many companies hire us in a single day for the same incident. As a general rule, you want to avoid paying the ransom at all costs,” he said.
Packed crowds in India celebrating their cricket team’s victory ended in a deadly stampede on Wednesday, with 11 mainly young fans crushed to death, the local state’s chief minister said. Joyous cricket fans had come out to celebrate and welcome home their heroes, Royal Challengers Bengaluru, after they beat Punjab Kings in a roller-coaster Indian Premier League (IPL) cricket final on Tuesday night. However, the euphoria of the vast crowds in the southern tech city of Bengaluru ended in disaster, with Indian Prime Minister Narendra calling it “absolutely heartrending.” Karnataka Chief Minister Siddaramaiah said most of the deceased are young, with 11 dead
DENIAL: Musk said that the ‘New York Times was lying their ass off,’ after it reported he used so much drugs that he developed bladder problems Elon Musk on Saturday denied a report that he used ketamine and other drugs extensively last year on the US presidential campaign trail. The New York Times on Friday reported that the billionaire adviser to US President Donald Trump used so much ketamine, a powerful anesthetic, that he developed bladder problems. The newspaper said the world’s richest person also took ecstasy and mushrooms, and traveled with a pill box last year, adding that it was not known whether Musk also took drugs while heading the so-called US Department of Government Efficiency (DOGE) after Trump took power in January. In a
By 2027, Denmark would relocate its foreign convicts to a prison in Kosovo under a 200-million-euro (US$228.6 million) agreement that has raised concerns among non-governmental organizations (NGOs) and residents, but which could serve as a model for the rest of the EU. The agreement, reached in 2022 and ratified by Kosovar lawmakers last year, provides for the reception of up to 300 foreign prisoners sentenced in Denmark. They must not have been convicted of terrorism or war crimes, or have a mental condition or terminal disease. Once their sentence is completed in Kosovan, they would be deported to their home country. In
LOST CONTACT: The mission carried payloads from Japan, the US and Taiwan’s National Central University, including a deep space radiation probe, ispace said Japanese company ispace said its uncrewed moon lander likely crashed onto the moon’s surface during its lunar touchdown attempt yesterday, marking another failure two years after its unsuccessful inaugural mission. Tokyo-based ispace had hoped to join US firms Intuitive Machines and Firefly Aerospace as companies that have accomplished commercial landings amid a global race for the moon, which includes state-run missions from China and India. A successful mission would have made ispace the first company outside the US to achieve a moon landing. Resilience, ispace’s second lunar lander, could not decelerate fast enough as it approached the moon, and the company has
RSS