Hackers breached MSPs and use Webroot SecureAnywhere tools to infect customer PCs with the Sodinokibi ransomware.
Hackers used MSP's remote desktop took by Webroot to gain access to customer's PCs and infected PCs. They executed a powershell script on remote workstations to publish the Sodinokibi ransomware applet.
