Ransomware gang hacks MSPs & deploy ransomware on customer systems

Posted by ideaBOX News on Jun 21, 2019 2:26:22 PM

Hackers breached MSPs and use Webroot SecureAnywhere tools to infect customer PCs with the Sodinokibi ransomware.

Hackers used MSP's remote desktop took by Webroot to gain access to customer's PCs and infected PCs.  They executed a powershell script on remote workstations to publish the Sodinokibi ransomware applet.

Topics: Insider