Critical Veeam Vulnerability Exploited to Spread Akira and Fog Ransomware

Threat actors are exploiting a now-patched vulnerability in Veeam Backup & Replication (CVE-2024-40711) to deploy Akira and Fog ransomware. Using compromised VPN credentials, attackers create local accounts and spread ransomware, targeting enterprise backup systems. The flaw, rated 9.8 on the CVSS scale, enables remote code execution and was patched in September 2024.
- CVE-2024-40711, a critical flaw in Veeam Backup & Replication, allows unauthenticated remote code execution.
- Exploited through compromised VPN gateways without multifactor authentication and outdated software versions.
- Attackers deployed Akira and Fog ransomware, with one case involving Hyper-V servers and rclone for data exfiltration.
- A new variant linked to INC ransomware, Lynx ransomware, has been active since July 2024, targeting various sectors.
- Trinity and MedusaLocker variants like BabyLockerKZ are being observed, exploiting phishing emails and software vulnerabilities.
Organizations should patch critical vulnerabilities, enforce multifactor authentication, and update unsupported software versions to safeguard against the exploitation of flaws like CVE-2024-40711, which attackers are using to target enterprise backup systems and deploy ransomware.
0 Comment(s)
Categories
- Other (43)
- Ransomware (153)
- Events and News (27)
- Features (45)
- Security (483)
- Tips (79)
- Google (28)
- Achievements (11)
- Products (35)
- Activation (7)
- Dealers (1)
- Bank Phishing (49)
- Malware Alerts (226)
- Cyber Attack (285)
- Data Backup (13)
- Data Breach (116)
- Phishing (163)
- Securty Tips (2)
- Browser Hijack (19)
- Adware (15)
- Email And Password (70)
- Android Security (74)
- Knoweldgebase (38)
- Botnet (16)
- Updates (4)
- Alert (71)
- Hacking (67)
- Social Media (8)
- vulnerability (68)
- Hacker (36)
- Spyware (11)
- Windows (8)
- Microsoft (21)
- Uber (1)
- YouTube (1)
- Trojan (3)
- Website hacks (8)
- Paytm (1)
- Credit card scam (2)
- Telegram (3)
- RAT (6)
- Bug (3)
- Twitter (2)
- Facebook (8)
- Banking Trojan (9)
- Mozilla (2)
- COVID-19 (5)
- Instagram (3)
- NPAV Announcement (9)
- IoT Security (1)
- Deals and Offers (2)
- Cloud Security (12)
- Offers (5)
- Gaming (1)
- FireFox (2)
- LinkedIn (3)
- WhatsApp (5)
- Amazon (2)
- DMart (1)
- Payment Risk (5)
- Occasion (3)
- firewall (2)
- Cloud malware (2)
- Cloud storage (2)
- Financial fraud (29)
- Impersonation phishing (1)
- DDoS (7)
- Smishing (2)
- Whale (0)
- Whale phishing (4)
- WINRAR (2)
- ZIP (2)
- Fraud Protector (17)
Recent Posts
Archive
Tags
cyber attack
phishing
phishing attacks
cybercrime
data breach
cybersecurity
cyber threats
malware
ransomware
phishing attack
data theft
financial fraud
ransomeware
cybersecurity threats
android malware
financial security
credential theft
cyber security
data protection
cyber fraud
phishingattack
cyberthreats
social engineering
cyber crime
phishing scam
cert-in
network security
ddos attack
data stealing
cyberattack
net protector total security
malware attack
identity theft
financial crime
digital safety
critical vulnerability
ddos
fraud protector
twitter
india
data security
cyber threat
hacking
phishing email
cybercriminals
security vulnerabilities
trojan
microsoft
lockbit
online fraud