Security News > 2024 > April > Chilean hosting firm's VMware ESXi servers hit by new SEXi ransomware

Chilean hosting firm's VMware ESXi servers hit by new SEXi ransomware
2024-04-03 21:58

Chilean data center and hosting provider IxMetro Powerhost has suffered a cyberattack at the hands of a new ransomware gang known as SEXi, which encrypted the company's VMware ESXi servers and backups.

On Monday, PowerHost's Chile division, IxMetro, warned customers that it suffered a ransomware attack early Saturday morning that encrypted some of the company's VMware ESXi servers that are used to host virtual private servers for customers.

According to CronUp cybersecurity researcher Germán Fernández, PowerHost was attacked using a new ransomware that appends the.

While BleepingComputer has not been able to find a sample of this ransomware, we have learned that the ransomware is fairly new, starting to target victims in March 2023.

The known attacks by the threat actors have only been seen targeting VMWare ESXi servers so far, why the ransomware operation chose the name 'SEXi,' which is a wordplay on 'ESXi.'.

RansomHouse gang automates VMware ESXi attacks with new MrAgent tool.


News URL

https://www.bleepingcomputer.com/news/security/chilean-hosting-firms-vmware-esxi-servers-hit-by-new-sexi-ransomware/

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Vmware 146 11 222 256 102 591