Security News > 2023 > February > New Nevada Ransomware targets Windows and VMware ESXi systems
A relatively new ransomware operation known as Nevada seems to grow its capabilities quickly as security researchers noticed improved functionality for the locker targeting Windows and VMware ESXi systems.
Nevada ransomware features a Rust-based locker, real-time negotiation chat portal, separate domains in the Tor network for affiliates and victims.
One interesting characteristic of Nevada ransomware is the set of system locales it spares from the encryption process.
The Linux/VMware ESXi version of Nevada ransomware uses the same encryption algorithm as the Windows variant.
Fully encrypting only files smaller than 512KB. Likely due to a bug in the Linux version, Nevada ransomware will skip all files sized between 512KB and 1.25MB, the researcher discovered.
Nevada ransomware is still building its network of affiliates and initial access brokers, looking for skillful hackers.