This is now the SECOND time their VSA product has been compromised. How Kaysea still exists at this point….I have no idea.
https://helpdesk.kaseya.com/hc/en-gb/articles/360000333152 (previous compromise)
https://helpdesk.kaseya.com/hc/en-gb/articles/4403440684689 *current Compromise)
IF you are a MSP using Kaysea. Cancel your contract with them effective immediately. The damage you have suffered and will suffer will be dangerous to the continued operational existence of your business.
According to Bleeping computer this is a solarwinds style attack where their auto-update system for the product was compromised. Once that happened all that had to happen is the updates got pushed through the MSp vendors and then got pushed to their clients. There is a long Redditt thread about this ongoing incident.