Ransomware attack on ConnectWise

483

 

ConnectWise, a Florida based Business Software provider is reported to have become a victim of a ransomware attack. And it’s official that over 20,000 of the technology firm’s customers were impacted by the attack which took place through an automated vulnerability.


 

The software developer which is renowned for its CRM software has confirmed that the cyber attack took place through a flaw in ConnectWise Automate software in May this year prompting the authorities to release a fix and an update on the incident.

 

Last Thursday the company issued a press statement through CRN and stated that a small section of its partners was compromised in the incident and the impact details are still awaited as the investigation was going on still.

 

Many Security researchers reacted to the news saying that the company only issued a fix to one flaw and they still need to address multiple of them.

 

Kyle Hanslovan, the CEO of Huntress said that hackers gained access to the ConnectWise servers through a flaw in the automation software which existed due to unpatched instances.

 

Note 1- Previously the Tampa based company was also caught in a ‘Technical Support’ data scam as its ScreenConnect software allowed users to take control of victim computers by calling and tricking them to install a fraudulent software. And as the software was free to use as it was a trial version, tracking down fraudsters became extremely difficult in this instance.

 

Note 2- Details on the ransomware variant and the extent of data loss are yet to be determined.