Include:
Tech
Cybersecurity
Business Strategy
Channel Insights
Stay Connected
Acer America
Acer America Corp. is a computer manufacturer of business and consumer PCs, notebooks, ultrabooks, projectors, servers, and storage products.

Location

333 West San Carlos Street
San Jose, California 95110
United States

WWW: acer.com

ChannelPro Network Awards

hello 2
hello 3

News

January 29, 2018 |

Kaseya VSA Vulnerability Exploited by Cryptocurrency Mining Attack

Hackers used a flaw in Kaseya’s RMM solution, which has since been patched, to deploy Monero crypto-mining software on managed endpoints.

Unidentified cybercriminals exploited a vulnerability in Kaseya’s Ltd.‘s VSA remote monitoring and management system earlier this month to deploy unauthorized cryptocurrency mining software on managed endpoints.

The attack was described this morning by security vendor eSentire Inc.

“eSentire has observed an unknown threat actor attempting to deploy a Monero cryptocurrency miner to multiple eSentire customers,” the Cambridge, Ont.-based company wrote this morning in a security advisory. “We assess with high confidence that the threat leveraged Kaseya Ltd’s Virtual Systems Administrator (VSA) agent to gain unauthorized access to multiple customer assets since January 19, 2018.”

The statement went on to say that eSentire “has disclosed this issue to Kaseya, who is actively working to communicate and mitigate the issue.”

Kaseya, which maintains dual headquarters in Miami and New York, acknowledged the issue in a security update posted on its support site earlier today.

“In the course of our continuous security monitoring of our products, we have uncovered a security vulnerability in our VSA product,” the post stated. “Consistent with our commitment to providing secure solutions for our partners, we have issued a set of patches that removes this vulnerability. We strongly recommend that every on-premises VSA customer download and install this patch immediately. The patch to address this vulnerability has already been deployed to our SaaS and hosted servers.”

Mike Puglia, Kaseya’s chief product officer, added further detail in a media statement.

“While software vulnerabilities are not uncommon, we take security seriously at Kaseya,” Puglia said. “As a result, we caught this vulnerability early and have been able to work quickly with our customers to resolve this issue and safeguard their environments. A very small fraction of our customers (initial estimate <0.1%) were affected by this issue and we have seen no evidence to suggest that this vulnerability was used to harvest personal, financial, or other sensitive information. Our commitment to our customers is unwavering and we will continue to be vigilant and transparent to ensure their safety."

Monero is one of many cryptocurrencies used to buy and sell goods online. Hackers attracted to its hashing algorithm, which requires fewer CPU resources than better-known alternatives like Bitcoin, have been employing a variety of scams and exploits to harness the processing power of infected PCs and servers for mining purposes.

In November, Check Point Technologies Ltd. reported that a Monero mining virus named CoinHive had been the sixth most prevalent malware variant on the web the previous month. When successfully deployed, the San Carlos, Calif.-based security vendor also stated, crypto-mining software can surreptitiously consume up to 65 percent of an endpoint’s CPU capacity.

Today’s incident is yet another illustration of a phenomenon ChannelPro reported on in October: threat actors are increasingly targeting managed service providers, whose RMM systems harbor information that can be used to compromise dozens of other networks. In one highly publicized attack last year, the Chinese cyberespionage group knowns APT10 successfully breached multiple businesses after using malware to hack their MSP.

Kaseya shipped the latest edition of VSA last week.


Editor’s Choice

MSP360 Bolsters Managed Backup Solution With Full Sharepoint Backup and Restore, Object Lock, and More

March 25, 2024 |

MSP360 CEO Brian Helwig details the latest improvements in its managed backup solutions and teases some new opportunities down the road for its partners in an exclusive ChannelPro interview.

Peer to Peer: Aurora’s Philip de Souza shares his secrets to creating a successful MSSP

March 19, 2024 | Philip de Souza

“It’s important that we understand when it comes to this whole MSP world that it’s all about the customer.”

Evolving State AI Regulations: Best Practices for Mitigating Risk

March 14, 2024 | Anurag Lal

While AI technologies can unlock tremendous business value, they also have potential risks.


Related News

Growing the MSP

Explore ChannelPro

Events

Reach Our Audience