Security News > 2024 > July > SEXi ransomware rebrands to APT INC, continues VMware ESXi attacks
The SEXi ransomware operation, known for targeting VMware ESXi servers, has rebranded under the name APT INC and has targeted numerous organizations in recent attacks.
The ransomware operation was given the name SEXi based on the SEXi.txt ransom note name and the.
Cybersecurity researcher Will Thomas later found other variants that use the names SOCOTRA, FORMOSA, and LIMPOPO. While the ransomware operation utilizes both Linux and Windows encryptors, it is known for targeting VMware ESXi servers.
Rebrands as APT INC. Since June, the ransomware operation has rebranded as APT INC, with cybersecurity researcher Rivitna telling BleepingComputer they continue to use the Babuk and LockBit 3 encryptors.
The leaked Babuk and LockBit 3 encryptors have been used to power new ransomware operations, including APT INC. The leaked Babuk encryptors have been widely adopted as they include an encryptor that targets VMware ESXi servers, which is heavily used in the enterprise.
Linux version of RansomHub ransomware targets VMware ESXi VMs. Linux version of TargetCompany ransomware focuses on VMware ESXi.
News URL
Related news
- Over 37,000 VMware ESXi servers vulnerable to ongoing attacks (source)
- US indicts 8Base ransomware operators for Phobos encryption attacks (source)
- RA World Ransomware Attack in South Asia Links to Chinese Espionage Toolset (source)
- Chinese espionage tools deployed in RA World ransomware attack (source)
- Lee Enterprises newspaper disruptions caused by ransomware attack (source)
- Southern Water says Black Basta ransomware attack cost £4.5M in expenses (source)
- Silver Fox APT Uses Winos 4.0 Malware in Cyber Attacks Against Taiwanese Organizations (source)
- Qilin ransomware claims attack at Lee Enterprises, leaks stolen data (source)
- Ransomware gangs exploit Paragon Partition Manager bug in BYOVD attacks (source)
- Hackers Exploit Paragon Partition Manager Driver Vulnerability in Ransomware Attacks (source)