Skip to content

Trend Micro TECHNICAL SUPPORT Advisory: REvil Ransomware Attack Against Kaseya VSA

Details:
On July 2, 2021 2:00 PM EDT, Kaseya has made an important announcement about a potential attack against the Kaseya VSA. Immediately shutting down of the VSA server is recommended until further notice.  Please refer to this article published by Kaseya. 

Recommended Actions:
For Trend Micro Worry-Free Business Security Services (WFBS-SVC) customers, follow this Worry-Free Security Services Checklist to protect the network from REvil Ransomware.

As for the Trend Micro Worry-Free XDR or Worry-Free EDR customers, use the following indicators of compromise below to initiate a proactive IOC assessment across your network and take necessary mitigation actions.

Indicator / Type

Indicator / Type
8dd620d9aeb35960bb766458c8890ede987c33d239cf730f93fe49d90ae759dd
SHA-256
2093c195b6c1fd6ab9e1110c13096c5fe130b75a84a27748007ae52d9e951643
SHA-256
d55f983c994caa160ec63a59f6b4250fe67fb3e8c43a388aec60a4a6978e9f1e
SHA-256
e2a24ab94f865caeacdf2c3ad015f31f23008ac6db8312c2cbfb32e4a5466ea2
SHA-256

For MSP partners, you can perform the IOC Assessment across Worry-Free XDR and Worry-Free EDR customers from your Remote Manager console

Previous article Trend Micro Remote Manager Systems Upgrade
Next article Trend Micro: TMRM Scheduled Maintenance for Database Upgrade

More Trendmicro News Posts