Ransomware-as-a-Service targeting Linux and VMware ESXi systems being

A new ransomware-as-service operation called MichaelKors has become the latest file-encrypting malware to target Linux and VMware ESXi systems as of April 2023. The malware uses a technique known as hypervisor jackpotting. Other notable e-crime outfits that have updated their arsenal to target ESXi consist of ALPHV, BlackCat, Black Basta, Defray, ESXiArgs, LockBit, Nevada, Play, Rook, and Rorschach. In March 2023, Google-owned Mandiant attributed a Chinese nation-state group to the use of novel backdoors dubbed VIRTUAL PITA and VIRTUAL PIE in attacks aimed at VMware ESX servers. This poses a major concern as more organizations continue to transfer workloads and infrastructure into cloud environments – all through VMWare Hypervisor environments.

#shorts #techshorts #technews #tech #technology #Linux and VMware ESXi systems #AV software #hypervisor