Security News > 2024 > June > Linux version of TargetCompany ransomware focuses on VMware ESXi

Linux version of TargetCompany ransomware focuses on VMware ESXi
2024-06-05 23:17

Researchers observed a new Linux variant of the TargetCompany ransomware family that targets VMware ESXi environments using a custom shell script to deliver and execute payloads.

In a report today, cybersecurity company Trend Micro says that the new Linux variant for TargetCompany ransomware makes sure that it has administrative privileges before continuing the malicious routine.

Trend Micro analysts are attributing the attacks deploying the new Linux variant of TargetCompany ransomware to an affiliate named "Vampire," who is likely the same one in a Sekoia report last month.

Typically, TargetCompany ransomware focused on Windows machines but the release of the Linux variant and the shift to encrypting VMWare ESXi machines shows the evolution of the operation.

The researchers provide a list of indicators of compromise with hashes for the Linux ransomware version, the custom shell script, and samples related to the affiliate 'vampire.

Hosting firm's VMware ESXi servers hit by new SEXi ransomware.


News URL

https://www.bleepingcomputer.com/news/security/linux-version-of-targetcompany-ransomware-focuses-on-vmware-esxi/

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Linux 11 64 2532 1569 67 4232
Vmware 146 11 222 256 102 591