The Hacker News
Babuk Source Code Sparks 9 Different Ransomware Strains Targeting VMware ESXi Systems
May 11^th 2023 at 10:32

Babuk Source Code Sparks 9 Different Ransomware Strains Targeting VMware ESXi Systems

By Ravie Lakshmanan

Multiple threat actors have capitalized on the leak of Babuk (aka Babak or Babyk) ransomware code in September 2021 to build as many as nine different ransomware families capable of targeting VMware ESXi systems. "These variants emerged through H2 2022 and H1 2023, which shows an increasing trend of Babuk source code adoption," SentinelOne security researcher Alex Delamotte said in a report

Related tags
May 11^th 2023 at 10:32

The Hacker News
ESXiArgs Ransomware Hits Over 500 New Targets in European Countries
February 16^th 2023 at 10:13

ESXiArgs Ransomware Hits Over 500 New Targets in European Countries

By Ravie Lakshmanan

More than 500 hosts have been newly compromised en masse by the ESXiArgs ransomware strain, most of which are located in France, Germany, the Netherlands, the U.K., and Ukraine. The findings come from attack surface management firm Censys, which discovered "two hosts with strikingly similar ransom notes dating back to mid-October 2022, just after ESXi versions 6.5 and 6.7 reached end of life."

Related tags
February 16^th 2023 at 10:13

The Hacker News
New ESXiArgs Ransomware Variant Emerges After CISA Releases Decryptor Tool
February 11^th 2023 at 13:36

New ESXiArgs Ransomware Variant Emerges After CISA Releases Decryptor Tool

By Ravie Lakshmanan

After the U.S. Cybersecurity and Infrastructure Security Agency (CISA) released a decryptor for affected victims to recover from ESXiArgs ransomware attacks, the threat actors have bounced back with an updated version that encrypts more data. The emergence of the new variant was reported by a system administrator on an online forum, where another participant stated that files larger than 128MB

Related tags
February 11^th 2023 at 13:36

Naked Security
VMWare user? Worried about “ESXi ransomware”? Check your patches now!
February 7^th 2023 at 19:59

VMWare user? Worried about “ESXi ransomware”? Check your patches now!

By Paul Ducklin

To borrow from HHGttG, please DON'T PANIC. But if you are two years out of date with patches, please do ACT NOW!

Related tags
February 7^th 2023 at 19:59

The Hacker News
VMware Finds No Evidence of 0-Day in Ongoing ESXiArgs Ransomware Spree
February 7^th 2023 at 10:21

VMware Finds No Evidence of 0-Day in Ongoing ESXiArgs Ransomware Spree

By Ravie Lakshmanan

VMware on Monday said it found no evidence that threat actors are leveraging an unknown security flaw, i.e., a zero-day, in its software as part of an ongoing ransomware attack spree worldwide. "Most reports state that End of General Support (EoGS) and/or significantly out-of-date products are being targeted with known vulnerabilities which were previously addressed and disclosed in VMware

Related tags
February 7^th 2023 at 10:21

FreshRSS

Babuk Source Code Sparks 9 Different Ransomware Strains Targeting VMware ESXi Systems

ESXiArgs Ransomware Hits Over 500 New Targets in European Countries

New ESXiArgs Ransomware Variant Emerges After CISA Releases Decryptor Tool

VMWare user? Worried about “ESXi ransomware”? Check your patches now!

VMware Finds No Evidence of 0-Day in Ongoing ESXiArgs Ransomware Spree