Hackers Are Exploiting a Flaw in Popular Billing Software to Deploy Ransomware


The business behind BillQuick, BQE Software has actually claimed that it has a strong user base of 400,000 users worldwide.

In numerous versions of the popular BQE Software BillQuick billing service, the security analysts of Huntress Labs have warned of a vital SQL injection bug.

In a ransomware attack, this security flaw that is tracked as CVE-2021-42258 was exploited on a certain American engineering company to obtain preliminary access to the company systems and network. And this vital security flaw is found in BillQuick Web Suite 2018 to 2021 v22.0.9.0.

An unidentified ransomware group is actively exploiting this vital vulnerability in the BillQuick Web Suite time and billing solution to release Ransomware.

The security bug that is found in the BillQuick Web Suite time and billing service is a SQL injection vulnerability that enables an assaulter to carry out arbitrary code on a vulnerable system remotely.

Unpatched Security Bugs

Additionally, CVE-2021-42258 is associated with the procedure of generating questions versus SQL database in BillQuick Web Suite 2020, and this allows the threat actors to perform the following actions:-.


This event highlights a duplicating pattern plaguing SMB software: well-established suppliers are doing very little to proactively secure their applications and subject their unwitting customers to significant liability when delicate data is inevitably leaked and/or ransomed.”.

Heres the list of those unpatched vulnerabilities:-.

” Hackers can use this to access consumers BillQuick data and run harmful commands on their on-premises Windows servers.

Risk scientist of Huntress Lab, Caleb Stewart stated:-.

You can follow us on Linkedin, Twitter, Facebook for daily Cybersecurity updates.

Huntress claimed that they are presently alerting all the users who are still utilizing the vulnerable variation of BillQuick Web Suite and suggesting them to instantly upgrade their billing suites to the WebSuite 2021 version

BQE Software has actually currently patched this bug on October 7 after Huntress Labs notified them, but, here the most stunning thing discovered during the investigation is that there are eight more vulnerabilities that are still unpatched.

Inject malicious SQL code through an application authorization kind.
From another location run a command line on a Windows system.
Perform code with raised rights, as BillQuick works with system administrator advantages.