KANIPPORI
Play Ransomware Targets VMware ESXi
kanippori
August 13, 2024
10:00 am
testimonialbg
Play Ransomware Targets VMware ESXi
1. Researchers have identified a Linux variant of the Play ransomware targeting VMware ESXi environments.
2. This expansion suggests Play may broaden its attacks and increase ransom negotiations' success.
3. Play ransomware, known for double extortion, has affected around 300 organizations since June 2022.
4. The Linux variant ensures it's running in an ESXi environment before encrypting VM files with ".PLAY" extension.
5. The ransomware group is suspected to use Prolific Puma’s infrastructure for domain generation and evasion.
#playransomware #linuxransomware #vmwareesxi #cybersecurity #ransomwareattack #cyberthreats #prolificpuma #domaingeneration #infosec #cybercrime #dataencryption #malware #techsecurity #virtualmachines #doubleextortion #cybercriminals #itsecurity #threatintel #ransomwareprevention #cyberdefense
Category : Zero Day