Table of contents
To our Syncro partners,
We want to address any concerns you may have after reading about a recent spear phishing campaign by the group MuddyWaters targeting organizations in the Middle East and Asia.
Syncro takes platform and data security very seriously. We understand how critical your RMM and PSA tool are for your organization and we do not take that responsibility lightly. Our highest priority is providing you with a secure and reliable platform on which you can build your business.
First and foremost, we want to be clear that the Syncro platform, agent, and data have not been compromised in any way. The use of Syncro software by this bad actor has been through illegitimate accounts and has not impacted any of our legitimate partners’ accounts, devices, or data.
The MSP industry has seen a dramatic increase in the use of MSP tools by bad actors. These bad actors usually sign up for free trials and even paid accounts of RMM platforms or remote access/control tools, and then employ social engineering to convince an end user to install the RMM agent on their computers. The attackers use the built-in functionality just like any MSP would: running scripts, remoting into computers, sending emails. The only difference is they have nefarious intentions.
We have always monitored for suspicious accounts and quickly shut down any bad accounts. Seeing an uptick in attempts recently, we implemented new security measures in response that should curtail this behavior.
For example, we have implemented additional verification measures for new trial account creation to limit use of Syncro by illegitimate actors. We also monitor for irregular account information and usage and immediately terminate accounts that violate our policies. Additionally, Syncro has close working relationships with security providers in the space, and regularly works alongside them to identify potential issues and stay on top of these trends. We are committed to proactively preventing the use of our tools by bad actors, as well as monitoring for common indicators and swiftly responding.
From our investigations, a common denominator is the end user falling for social engineering techniques. We highly encourage all MSPs to educate their clients through reputable Security Awareness Training and to adopt security best practices.
Syncro also has a responsible disclosure program, as we believe security is a cornerstone of all software, but especially RMM platforms. We are committed to keeping your data safe. Feel free to email security@syncromsp.com if you have any questions.
Share