The hackers behind a mass ransomware attack exploited multiple previously unknown vulnerabilities in IT management software made by Kaseya Ltd., the latest sign of the skill and aggressiveness of the Russia-linked group believed responsible for the incidents, cybersecurity researchers said Sunday.
Marcus Murray, founder of Stockholm-based TrueSec Inc., said his firm’s investigations involving multiple victims in Sweden found that the hackers targeted them opportunistically. In those cases, the hackers used a previously unknown flaw in Miami-based Kaseya’s code to push ransomware to servers that used the software and were connected to the internet, he said.
The Dutch Institute for Vulnerability Disclosure said it had alerted Kaseya to multiple vulnerabilities in its software that were then used in the attacks, and that it was working with the company on fixes when the ransomware was deployed.