cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
AdithyanT
McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 1 of 5

McAfee Coverage for Kaseya VSA Ransomware Attack

Jump to solution

Hi All,

McAfee is aware of an active industry-wide Ransomware attack against using Kaseya. McAfee provides detection for the currently available IOC's using GTI at a "Very Low" setting:

SHA256:
agent.exe (dropper) - d55f983c994caa160ec63a59f6b4250fe67fb3e8c43a388aec60a4a6978e9f1e
mpsvc.dll - 8dd620d9aeb35960bb766458c8890ede987c33d239cf730f93fe49d90ae759dd
Was my reply helpful?
If you find this post useful, Please give it a Kudos! Also, Please don't forget to select "Accept as a solution" if this reply resolves your query!

Thanks and regards,
Adithyan T
2 Solutions

Accepted Solutions
AdithyanT
McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 2 of 5

Re: McAfee Coverage for Kaseya VSA Ransomware Attack

Jump to solution

For further details and Extra DAT for coverage, please refer KB94660.

Was my reply helpful?
If you find this post useful, Please give it a Kudos! Also, Please don't forget to select "Accept as a solution" if this reply resolves your query!

Thanks and regards,
Adithyan T

View solution in original post

AdithyanT
McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 4 of 5

Re: McAfee Coverage for Kaseya VSA Ransomware Attack

Jump to solution

Hi @WillLAus20,

Thank you for your response. yes the current DAT does carry the detection for the 2 IOCs mentioned in our KBA and above.

Was my reply helpful?
If you find this post useful, Please give it a Kudos! Also, Please don't forget to select "Accept as a solution" if this reply resolves your query!

Thanks and regards,
Adithyan T

View solution in original post

4 Replies
AdithyanT
McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 2 of 5

Re: McAfee Coverage for Kaseya VSA Ransomware Attack

Jump to solution

For further details and Extra DAT for coverage, please refer KB94660.

Was my reply helpful?
If you find this post useful, Please give it a Kudos! Also, Please don't forget to select "Accept as a solution" if this reply resolves your query!

Thanks and regards,
Adithyan T

View solution in original post

Re: McAfee Coverage for Kaseya VSA Ransomware Attack

Jump to solution

Hi McAfee Support,

Is the Amcore DAT version epoV3_4486.0dat.zip, already include the "Kaseya Ransomware / Ransom-revil.c" detection ?

These was release today, morning,

William from (Australia - Leidos)

 

AdithyanT
McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 4 of 5

Re: McAfee Coverage for Kaseya VSA Ransomware Attack

Jump to solution

Hi @WillLAus20,

Thank you for your response. yes the current DAT does carry the detection for the 2 IOCs mentioned in our KBA and above.

Was my reply helpful?
If you find this post useful, Please give it a Kudos! Also, Please don't forget to select "Accept as a solution" if this reply resolves your query!

Thanks and regards,
Adithyan T

View solution in original post

Re: McAfee Coverage for Kaseya VSA Ransomware Attack

Jump to solution

cool, thanks for your fast reply.

You Deserve an Award
Don't forget, when your helpful posts earn a kudos or get accepted as a solution you can unlock perks and badges. Those aren't the only badges, either. How many can you collect? Click here to learn more.

Community Help Hub

    New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

  • Find Forum FAQs
  • Learn How to Earn Badges
  • Ask for Help
Go to Community Help

Join the Community

    Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

  • Get helpful solutions from McAfee experts.
  • Stay connected to product conversations that matter to you.
  • Participate in product groups led by McAfee employees.
Join the Community
Join the Community