Security News > 2024 > April > Chilean hosting firm's VMware ESXi servers hit by new SEXi ransomware
Chilean data center and hosting provider IxMetro Powerhost has suffered a cyberattack at the hands of a new ransomware gang known as SEXi, which encrypted the company's VMware ESXi servers and backups.
On Monday, PowerHost's Chile division, IxMetro, warned customers that it suffered a ransomware attack early Saturday morning that encrypted some of the company's VMware ESXi servers that are used to host virtual private servers for customers.
According to CronUp cybersecurity researcher Germán Fernández, PowerHost was attacked using a new ransomware that appends the.
While BleepingComputer has not been able to find a sample of this ransomware, we have learned that the ransomware is fairly new, starting to target victims in March 2023.
The known attacks by the threat actors have only been seen targeting VMWare ESXi servers so far, why the ransomware operation chose the name 'SEXi,' which is a wordplay on 'ESXi.'.
RansomHouse gang automates VMware ESXi attacks with new MrAgent tool.
News URL
Related news
- Hosting firm's VMware ESXi servers hit by new SEXi ransomware (source)
- VMware fixes critical sandbox escape flaws in ESXi, Workstation, and Fusion (source)
- VMware patches critical flaws in ESXi, Workstation, Fusion and Cloud Foundation (source)
- Akira Ransomware Gang Extorts $42 Million; Now Targets Linux Servers (source)