The Kaseya Ransomware Nightmare Is Almost Over
Nearly three weeks ago, a ransomware attack against a little-known IT software company called Kaseya spiraled into a full-on epidemic, with hackers seizing the computers as many as 1,500 businesses, including a major Swedish grocery chain. Last week, the notorious group behind the hack disappeared from the internet, leaving victims with no way to pay up and free their systems. But now the situation seemed close to finally being resolved, thanks to the surprise appearance on Thursday of a universal decryption tool.
The July 2 hack was about as bad as it gets. Kaseya provides IT management software that’s popular among so-called managed service providers, which are companies that offer IT infrastructure to companies that would rather not deal with it themselves. By exploiting a bug in MSP-focused software called Virtual System Administrator, the ransomware group REvil was able to infect not just those targets but their customers as well, resulting in a wave of devastation.