REvil ransomware's new Linux encryptor targets ESXi virtual machines

Advisories

Discover Hacks/Cracks News

REvil ransomware's new Linux encryptor targets ESXi virtual machines

Revil Linux Ransomware

The REvil ransomware operation is now using a Linux encryptor that targets and encrypts Vmware ESXi virtual machines. By targeting virtual machines this way, REvil can encrypt many servers at once with a single command.

With the enterprise moving to virtual machines for easier backups, device management, and efficient use of resources, ransomware gangs increasingly create their own tools to mass encrypt storage used by VMs.

In May, Advanced Intel's Yelisey Boguslavskiy shared a forum post from the REvil operation where they confirmed that they had released a Linux version of their encryptor that could also work on NAS devices.

We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.