Security News > 2024 > June > Linux version of TargetCompany ransomware focuses on VMware ESXi

Linux version of TargetCompany ransomware focuses on VMware ESXi
2024-06-05 23:17

Researchers observed a new Linux variant of the TargetCompany ransomware family that targets VMware ESXi environments using a custom shell script to deliver and execute payloads.

In a report today, cybersecurity company Trend Micro says that the new Linux variant for TargetCompany ransomware makes sure that it has administrative privileges before continuing the malicious routine.

Trend Micro analysts are attributing the attacks deploying the new Linux variant of TargetCompany ransomware to an affiliate named "Vampire," who is likely the same one in a Sekoia report last month.

Typically, TargetCompany ransomware focused on Windows machines but the release of the Linux variant and the shift to encrypting VMWare ESXi machines shows the evolution of the operation.

The researchers provide a list of indicators of compromise with hashes for the Linux ransomware version, the custom shell script, and samples related to the affiliate 'vampire.

Hosting firm's VMware ESXi servers hit by new SEXi ransomware.


News URL

https://www.bleepingcomputer.com/news/security/linux-version-of-targetcompany-ransomware-focuses-on-vmware-esxi/

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Linux 17 374 2505 1534 665 5078
Vmware 186 83 403 203 107 796