Babuk ransomware source code sparks 9 different strains targeting VMware ESXi systems

Several threat actors have capitalized on the leak of ransomware source code from a company called Babuk in September 2021 to build as many as nine different ransomware families capable of infecting VMware ESXi systems. These variants emerged through 2022 and 2023, which shows an increasing trend in Babuk source code adoption. The leaked source code enables actors to target Linux systems when they may otherwise lack expertise to build a working program. What’s more, at least three different ransomware strains – Cylance, Rorschach, and RTM Locker – have emerged since the beginning of the year based on the leaked Babuk firmware. Delamotte notes that the popularity of Babuk’s ESXi locker code has also increased

#shorts #techshorts #technews #tech #technology #Babuk #ransomware attacks #Multiple threat actors