CyberNews Briefs

Scammers exploiting Kaseya ransomware attack to deploy malware

A phishing campaign that claims to offer a security update for Kaseya’s VSA software is actually attempting to install malware. The ransomware attack against IT firm Kaseya is being taken advantage of by cybercriminals. Cybercriminals are deploying spam to infect computers with Cobalt Strike-delivered malware. 

The phishing email sent claims to offer a way to fix the security flaw with Kaseya. The email carries a file attachment named SecurityUpdates.exe. The attached file contains malware attached to testing tool Cobalt Strike. Cobalt Strike was created for organizations to be able to test their internal security, but it has been utilized by cybercriminals instead to install malware onto victim’s computers.​​​​​ The group responsible for the attack is not confirmed.

Read more: Scammers exploiting Kaseya ransomware attack to deploy malware

OODA Analyst

OODA Analyst

OODA is comprised of a unique team of international experts capable of providing advanced intelligence and analysis, strategy and planning support, risk and threat management, training, decision support, crisis response, and security services to global corporations and governments.