"Linux Version of RansomHub Ransomware Targets VMware ESXi VMs"

The "RansomHub" ransomware operation is using a Linux encryptor designed to encrypt VMware ESXi environments in attacks against organizations. RansomHub, a Ransomware-as-a-Service (RaaS) operation, active since February 2024, has claimed over 45 victims in 18 countries and shares code with "ALPHV/BlackCat" and "Knight" ransomware. This article continues to discuss findings regarding RansomHub's ESXi encryptor.

BleepingComputer reports "Linux Version of RansomHub Ransomware Targets VMware ESXi VMs"

Submitted by grigby1