1. Forum
  2. tqwNet
  3. TQW_GENTECH

  • There's now a Linux version of this dangerous VMware ransomware

    From TechnologyDaily@1337:1/100 to All on Thu Jun 29 12:15:03 2023
    There's now a Linux version of this dangerous VMware ransomware

    Date:
    Thu, 29 Jun 2023 11:00:39 +0000

    Description:
    This ransomware is looking to target more devices as it encrypts files and demands huge sums of money.

    FULL STORY ======================================================================

    A ransomware operation known as Akira has been seen encrypting VMware ESXi virtual machines using a Linux encryptor after a couple of months of
    targeting Windows systems.

    Major industries like education and finance have been in the crosshairs of
    the new ransomware, which has been encrypting stolen data from breached networks and marking compromised files with the .akira extension.

    The double extortion attacks have seen some organizations receive demands to pay millions in return for their data, according to Bleeping Computer . Akira ransomware could soon have even more victims

    Twitter user rivitna is credited with discovering the Linux version of the ransomware, having shared screenshots on the social media platform alongside
    a sample of the Linux encryptor on VirusTotal . Read more

    The best Linux firewalls



    Ransomware gangs are losing interest in US firms



    The first victims of the MOVEit ransomware attacks have been revealed

    Targeting VMwares ESXi servers means that gangs can target more than one VM
    in a single hit, making it a potentially lucrative operation should the victims pay up.

    Comparing this VMware ESXi encryptor with others analyzed by the publication, Bleeping Computer says that Akira's encryptors lack some advanced features, notably the automatic shutting down of VMs before encrypting files.

    With the move to now threaten Linux users, more companies across the globe need to be on the lookout for signs of an attack, while simultaneously protecting their IT infrastructure from potential attacks.

    According to a fresh Cyble report, 46 publicly disclosed victims have been announced since the attacks started in April 2023, with 33 located in the US.

    Furthermore, the expansion to Linux is far from unique to Akira, with many ransomware attacks now looking to broaden their scope in the hopes of making them more lucrative.

    Potential victims should conduct regular backups, update software as soon as it becomes available, and use trusted endpoint protection software . Those likely to have been affected by ransomware are being urged to take all measures possible to protect their data by removing external drives and detaching infected devices from their networks. Boost your cybersecurity with the best ransomware protection



    ======================================================================
    Link to news story: https://www.techradar.com/pro/theres-now-a-linux-version-of-this-dangerous-vmw are-ransomware


    --- Mystic BBS v1.12 A47 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)