"Linux Version of RansomHub Ransomware Targets VMware ESXi VMs"
The "RansomHub" ransomware operation is using a Linux encryptor designed to encrypt VMware ESXi environments in attacks against organizations. RansomHub, a Ransomware-as-a-Service (RaaS) operation, active since February 2024, has claimed over 45 victims in 18 countries and shares code with "ALPHV/BlackCat" and "Knight" ransomware. This article continues to discuss findings regarding RansomHub's ESXi encryptor.
BleepingComputer reports "Linux Version of RansomHub Ransomware Targets VMware ESXi VMs"
Submitted by grigby1
Submitted by Gregory Rigby
on