Critical Veeam Vulnerability Exploited to Spread Akira and Fog Ransomware

Threat actors are exploiting a now-patched vulnerability in Veeam Backup & Replication (CVE-2024-40711) to deploy Akira and Fog ransomware. Using compromised VPN credentials, attackers create local accounts and spread ransomware, targeting enterprise backup systems. The flaw, rated 9.8 on the CVSS scale, enables remote code execution and was patched in September 2024.
- CVE-2024-40711, a critical flaw in Veeam Backup & Replication, allows unauthenticated remote code execution.
- Exploited through compromised VPN gateways without multifactor authentication and outdated software versions.
- Attackers deployed Akira and Fog ransomware, with one case involving Hyper-V servers and rclone for data exfiltration.
- A new variant linked to INC ransomware, Lynx ransomware, has been active since July 2024, targeting various sectors.
- Trinity and MedusaLocker variants like BabyLockerKZ are being observed, exploiting phishing emails and software vulnerabilities.
Organizations should patch critical vulnerabilities, enforce multifactor authentication, and update unsupported software versions to safeguard against the exploitation of flaws like CVE-2024-40711, which attackers are using to target enterprise backup systems and deploy ransomware.
0 Comment(s)
Categories
- Other (43)
- Ransomware (154)
- Events and News (27)
- Features (45)
- Security (487)
- Tips (79)
- Google (29)
- Achievements (11)
- Products (36)
- Activation (7)
- Dealers (1)
- Bank Phishing (53)
- Malware Alerts (232)
- Cyber Attack (303)
- Data Backup (13)
- Data Breach (130)
- Phishing (165)
- Securty Tips (2)
- Browser Hijack (19)
- Adware (15)
- Email And Password (71)
- Android Security (77)
- Knoweldgebase (38)
- Botnet (17)
- Updates (4)
- Alert (71)
- Hacking (71)
- Social Media (8)
- vulnerability (75)
- Hacker (38)
- Spyware (12)
- Windows (8)
- Microsoft (25)
- Uber (1)
- YouTube (1)
- Trojan (4)
- Website hacks (10)
- Paytm (1)
- Credit card scam (2)
- Telegram (3)
- RAT (8)
- Bug (3)
- Twitter (2)
- Facebook (8)
- Banking Trojan (9)
- Mozilla (2)
- COVID-19 (5)
- Instagram (3)
- NPAV Announcement (9)
- IoT Security (2)
- Deals and Offers (2)
- Cloud Security (12)
- Offers (5)
- Gaming (1)
- FireFox (2)
- LinkedIn (3)
- WhatsApp (6)
- Amazon (2)
- DMart (1)
- Payment Risk (5)
- Occasion (3)
- firewall (3)
- Cloud malware (2)
- Cloud storage (2)
- Financial fraud (47)
- Impersonation phishing (1)
- DDoS (7)
- Smishing (2)
- Whale (0)
- Whale phishing (4)
- WINRAR (2)
- ZIP (2)
- Fraud Protector (36)
Recent Posts
Archive
Tags
cybersecurity
cybercrime
cyber attack
phishing
phishing attacks
data breach
cyber threats
data theft
phishing attack
malware
cyber fraud
android malware
credential theft
cybersecurity threats
ransomware
financial fraud
ransomeware
social engineering
data protection
financial security
cyber security
#cybersecurity
cyberthreats
phishingattack
network security
cyber threat
malware distribution
identity theft
security vulnerabilities
cert-in
data stealing
ransomware attacks
cyber crime
phishing scam
online fraud
data security
ddos attack
critical vulnerability
phishing email
ransomware attack
microsoft
cyber attacks
digital safety
twitter
ddos
india
cybercriminals
cyberattack
trojan
malware attack