Techly NewsGet the app

Get the latest tech news

Researchers say easy-to-exploit security bugs in ConnectWise remote-access software now under mass attack


Security researchers say hackers are using the easily exploitable ConnectWise flaws to steal data and deploy ransomware.

Security researchers say a pair of easy-to-exploit flaws in a popular remote access tool used by more than a million companies around the world are now being mass-exploited, with hackers abusing the vulnerabilities to deploy ransomware and steal sensitive data. Finnish cybersecurity firm WithSecure said in a blog post Monday that its researchers have also observed “en-mass exploitation” of the ScreenConnect flaws from multiple threat actors. Huntress said in its analysis that it has since observed a “number of adversaries” leverage exploits to deploy ransomware, and a “significant number” of adversaries using exploits deploy cryptocurrency mining software, install additional “legitimate” remote access tools to maintain persistent access to a victim’s network, and create new users on compromised machines.

Get the Android app

Or read this on TechCrunch

Read more on:

Photo of attack

attack

Photo of researchers

researchers

Photo of ConnectWise

ConnectWise

Related news:

News photo

Researchers warn against using headsets like the Apple Vision Pro daily

News photo

Researchers discover antibody capable of neutralizing venom from a wide variety of snake species across the globe; discovery may lead to universal antidote for snakebites

News photo

Hackers are exploiting ConnectWise flaws to deploy LockBit ransomware, security experts warn

« Microsoft showcases next-generation AI and computing at Nvidia GTC
Meta drops lawsuit against web-scraping firm Bright Data that sold millions of Instagram records »