Security News > 2022 > January > Linux version of AvosLocker ransomware targets VMware ESXi servers
AvosLocker is the latest ransomware gang that has added support for encrypting Linux systems to its recent malware variants, specifically targeting VMware ESXi virtual machines.
While we couldn't find what targets were targeted using this AvosLocker ransomware Linux variant, BleepingComputer knows of at least one victim that got hit with a $1 million ransom demand.
Several months ago, the AvosLocker gang was also seen advertising its latest ransomware variants, the Windows Avos2 and AvosLinux, while making a point of warning affiliates not to attack post-soviet/CIS targets.
Since October, Hive ransomware started encrypting Linux and FreeBSD systems using new malware variants, within months after researchers spotted a REvil ransomware Linux encryptor targeting VMware ESXi VMs. Emsisoft CTO Fabian Wosar told BleepingComputer that other ransomware gangs, including Babuk, RansomExx/Defray, Mespinoza, GoGoogle, DarkSide, and Hellokitty, have also created and used their own Linux encryptors.
"The reason why most ransomware groups implemented a Linux-based version of their ransomware is to target ESXi specifically," Wosar explained.
You can find more info on AvosLocker ransomware and what to do if you get hit by this ransomware family in our support topic.
News URL
Related news
- Chilean hosting firm's VMware ESXi servers hit by new SEXi ransomware (source)
- Hosting firm's VMware ESXi servers hit by new SEXi ransomware (source)
- Akira Ransomware Gang Extorts $42 Million; Now Targets Linux Servers (source)
- DinodasRAT malware targets Linux servers in espionage campaign (source)
- Critical Atlassian Flaw Exploited to Deploy Linux Variant of Cerber Ransomware (source)