
VMware ESXi targeted by TargetCompany for Linux ransomware


Attacks with a Linux variant of the TargetCompany ransomware, also known as FARGO, Mallox, and Tohnichi, have been launched against VMware ESXi environments, BleepingComputer reports.

According to a report from Trend Micro, the intrusions were attributed to TargetCompany ransomware affiliate “vampire”, who is suspected of being behind reported attacks targeting vulnerable Microsoft SQL servers. They involved the deployment of a custom shell script that would ensure administrative privileges and the existence of a TargetInfo.txt file containing exfiltrated victim information before deploying the ransomware, which then proceeds to encrypt files with VM-related extensions. After delivering a ransom note detailing payment instructions, TargetCompany for Linux is then erased by the shell script via the ‘rm -f x’ command, said researchers.

Further analysis of the latest TargetCompany ransomware attacks showed that IP addresses belonging to a China-based ISP had been used for payload delivery and text file receipt, but the origin of the attacker remains inconclusive.


