ESXiArgs

Malware Profile Updated 13 days ago
ESXiArgs is a ransomware strain that targets specific vulnerabilities in computer systems. Ransomware is malicious software designed to block access to a computer system until a sum of money is paid. ESXiArgs is one of many threats developed from the leaked Babuk code, which has spawned multiple ransomware strains including Rook, Night Sky, Pandora, Cheerscrypt, AstraLocker, Rorschach, RTM Locker, and RA Group. These strains exploit different vulnerabilities and are designed to cause maximum disruption and damage.

According to the Cybersecurity & Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI), approximately 3800 servers worldwide have been compromised by ESXiArgs. As its name suggests, this strain primarily targets VMware hypervisors, a type of platform that allows multiple operating systems to run on a single host computer simultaneously. The widespread impact of ESXiArgs underscores the significant threat posed by this type of malware.

Several notable descendants of the Babuk code have emerged, each exploiting unique vulnerabilities. For instance, the Nokoyawa strain exploited a Windows Common Log File System zero-day vulnerability, while the Rorschach strain drew inspiration from various other ransomware families, confounding researchers when it first appeared in April 2023. The emergence of these varied strains highlights the adaptability of ransomware threats and the ongoing need for robust cybersecurity measures.
Source Document References
Information about the ESXiArgs malware was read from the documents corpus below.
Source (created at): Title
CERT-EU (4 months ago): Babuk Tortilla ransomware decryptor made available | #ransomware | #cybercrime | National Cyber Security Consulting
CERT-EU (a year ago): New ransomware gang RA Group quickly expanding operations
Malwarebytes (a year ago): New ESXiArgs encryption routine outmaneuvers recovery methods
CERT-EU (a year ago): VMWare ESXi Servers Targeted by Ransomware Gangs