On 2 July 2021, a number of managed service providers (MSPs) and their customers became victims of a ransomware attack perpetrated by the REvil group,[1] causing widespread downtime for over 1,000 companies.
[2][3] The attack was carried out by exploiting a vulnerability in VSA (Virtual System Administrator), a remote monitoring and management software package developed by Kaseya.
[11] Initial reports of companies affected by the incident include Norwegian financial software developer Visma, who manages some systems for Swedish supermarket chain Coop.
[5] On 8 November 2021, the United States Department of Justice unsealed indictments against Yaroslav Vasinskyi, who was still in Polish custody, and another suspect — Russian national Yevgeniy Polyanin.
[5][21] Polyanin was charged with conducting ransomware attacks against multiple victims including Texas businesses and government entities, facing a maximum sentence of 145 years in prison.