Exsi

Malware updated 5 months ago (2024-05-04T17:02:03.467Z)
EXSi is a malware that has been causing significant disruptions in the cyber world. This malicious software, designed to exploit and damage computer systems, infiltrates through suspicious downloads, emails, or websites. Once inside, it can steal personal information, disrupt operations, or even hold data hostage for ransom.

The malware has been used by attackers to successfully shake down companies like Caesars for a ransom, and these same attackers are now targeting MGM Resorts, claiming to have crypto-locked its ESXi hypervisors. The Royal Ransomware threat group, known for being a prolific ransomware actor, is believed to be behind this attack. They have expanded their operations to target Linux platforms and ESXi servers. The developers of the Royal ransomware strain have added a Linux version which researchers believe is specifically designed to target vulnerable ESXi servers.

ESXi, hosting several VMs, is a high-yielding target for attackers as they can deploy malware once and encrypt numerous servers with a single command. Its attractiveness to cyberattackers lies in the ability to host multiple, data-rich virtual machines (VMs) on VMware's ESXi hypervisor platform, which runs on Linux and Linux-like OS.

The emergence of EXSi stands at the intersection of two major ransomware trends: the development of malware based on the Babuk source code and a growing interest in compromising VMware ESXi servers. The new ransomware has been named ESXiArgs, reflecting its primary target - vulnerable ESXi servers.
Description last updated: 2024-04-05T01:15:38.242Z
Aliases
We are not currently tracking any aliases
Miscellaneous Associations
Other elements of context that could aid in the identification of relevance
Ransom
Ransomware
VMware
Linux
Malware
MGM