Ransomware operators have exploited a critical vulnerability in Veeam Backup & Replication, identified as CVE-2024-40711, to execute arbitrary code and deploy malware. This vulnerability allowed attackers to create rogue accounts with administrator privileges. These compromised accounts were then used to deploy ransomware, specifically Fog and Akira variants, and in some instances to exfiltrate data from the network. The attack vectors included access through VPN gateways without multifactor authentication, often with outdated software. The severity of the vulnerability and the sophistication of the attacks indicate a significant security oversight, resulting in considerable risk to data integrity and availability for affected organizations.
TPRM report: https://scoringcyber.rankiteo.com/company/veeam-software
"id": "vee000101324",
"linkid": "veeam-software",
"type": "Ransomware",
"date": "10/2024",
"severity": "100",
"impact": "",
"explanation": "Attack which disrupt the payment process for a shop"
{'attack_vector': ['VPN gateways without multifactor authentication',
'Outdated software'],
'ransomware': {'ransomware_strain': ['Fog', 'Akira']},
'title': 'Ransomware Attack Exploiting Veeam Backup & Replication '
'Vulnerability',
'type': 'Ransomware',
'vulnerability_exploited': 'CVE-2024-40711'}