Cybersecurity

Mass Ransomware Hack Used IT Software Flaws, Researchers Say

Hundreds of businesses affected; REvil is the prime suspect
Hackers said to have exploited vulnerabilities in Kaseya code

Sberbank PSJC Reveals Russia's Fastest Supercomputer — Photographer: Andrey Rudakov/Bloomberg

Provide news feedback or report an error

Confidential tip?

Send a tip to our reporters

Site feedback:

Take our Survey

By Jordan Robertson and William Turton

July 4, 2021 at 6:38 PM UTC

Updated on

July 5, 2021 at 5:40 AM UTC

This article is for subscribers only.

The hackers behind a mass ransomware attack exploited multiple previously unknown vulnerabilities in IT management software made by Kaseya Ltd., the latest sign of the skill and aggressiveness of the Russia-linked group believed responsible for the incidents, cybersecurity researchers said Sunday.

Marcus Murray, founder of Stockholm-based TrueSec Inc., said his firm’s investigations involving multiple victims in Sweden found that the hackers targeted them opportunistically. In those cases, the hackers used a previously unknown flaw in Miami-based Kaseya’s code to push ransomware to servers that used the software and were connected to the internet, he said.