With the adoption of cloud computing technologies like containers and VMs, threat actors have started evolving their attack vectors to target this emerging platform, with VMware ESXi now in the crosshairs.
News of the Linux version of REvil’s Sodinokibi ransomware was shared by researchers from MalwareHunterTeam.
We're looking at how our readers use VPNs with streaming sites like Netflix so we can improve our content and offer better advice. This survey won't take more than 60 seconds of your time, and you can also choose to enter the prize draw to win a $100 Amazon voucher or one of five 1-year ExpressVPN subscriptions.
- Here’s our list of the best endpoint protection services available
- These are the best firewalls on the market
- We’ve also rounded up the best malware removal software around
Virtually real threat
Advanced Intel's Vitali Kremez, who analyzed the new REvil Linux variant, told Bleeping Computer it exhibits the same characteristics and configuration options used by the more common Windows variant.
Emsisoft CTO Fabian Wosar added that other ransomware operations, including Babuk, RansomExx/Defray, Mespinoza, GoGoogle, DarkSide, and Hellokitty, also have Linux variants in their arsenal to attack ESXi VMs.
"The reason why most ransomware groups implemented a Linux-based version of their ransomware is to target ESXi specifically," said Wosar.
As well as posing a threat to large enterprises, the development is also worrisome for small and medium businesses (SMBs), which have been among the largest adopters of virtualization for its cost saving advantages. The cost of business servers quickly adds up and virtualization technologies like ESXi aren’t just budget friendly, but also reduce the time it takes to provision and deploy servers on demand.
When it comes to guarding against these attacks, security experts have long suggested that ransomware operators and other threat actors work by exploiting security weaknesses in their targets. This means that a well-planned and implemented security strategy is essential, irrespective of security software in place.
- Here's our list of the best cloud backup services around
Are you a pro? Subscribe to our newsletter
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
With almost two decades of writing and reporting on Linux, Mayank Sharma would like everyone to think he’s TechRadar Pro’s expert on the topic. Of course, he’s just as interested in other computing topics, particularly cybersecurity, cloud, containers, and coding.