Security News > 2023 > February > New Wave of Ransomware Attacks Exploiting VMware Bug to Target ESXi Servers
VMware ESXi hypervisors are the target of a new wave of attacks designed to deploy ransomware on compromised systems.
"A malicious actor residing within the same network segment as ESXi who has access to port 427 may be able to trigger the heap-overflow issue in OpenSLP service resulting in remote code execution," the virtualization services provider noted.
French cloud services provider OVHcloud said the attacks are being detected globally with a specific focus on Europe.
It's being suspected that the attacks are related to a new Rust-based ransomware strain called Nevada that emerged on the scene in December 2022.
"Notably, the group behind the Nevada Ransomware is also buying compromised access by themselves, the group has a dedicated team for post-exploitation, and for conducting network intrusions into the targets of interest."
Bleeping Computer reports that the ransom notes seen in the attacks bear no similarities to Nevada ransomware, adding the strain is being tracked under the name ESXiArgs.
News URL
https://thehackernews.com/2023/02/new-wave-of-ransomware-attacks.html
Related news
- Chilean hosting firm's VMware ESXi servers hit by new SEXi ransomware (source)
- Hosting firm's VMware ESXi servers hit by new SEXi ransomware (source)
- BlackCat ransomware turns off servers amid claim they stole $22 million ransom (source)
- Fidelity customers' financial info feared stolen in suspected ransomware attack (source)
- Fidelity customers' financial info feared stolen in suspected ransomware attack (source)
- Alert: GhostSec and Stormous Launch Joint Ransomware Attacks in Over 15 Countries (source)
- VMware Issues Security Patches for ESXi, Workstation, and Fusion Flaws (source)
- VMware fixes critical sandbox escape flaws in ESXi, Workstation, and Fusion (source)
- Duvel says it has "more than enough" beer after ransomware attack (source)
- FBI: Critical infrastructure suffers spike in ransomware attacks (source)