Widespread cyberattack hits servers across Europe

News
By published

Two-year-old flaw is being leveraged in ransomware attacks

Ransomware
(Image credit: Pixabay)

Hackers are exploiting a known vulnerability in VMware’s ESXi servers on a huge scale, targeting endpoints across Europe and North America, government officials and company spokespeople have confirmed.

Italy’s National Cybersecurity Agency (ACN) has warned businesses using these VMware products to update their devices immediately, and thus stay safe from the ongoing cybercrime campaign. 

ANSA (a major Italian news agency) further said that besides servers in Italy, hackers also targeted those located in France, Finland, the United States, and Canada. 

500 victims and counting

Reports have claimed “dozens” of organizations in Italy were affected by the campaign. The agency says companies were warned to take action “to avoid being locked out of their systems”, suggesting that the attackers were using the vulnerability in ransomware campaigns. 

Across the Atlantic, US cybersecurity officials were analyzing the incoming reports:

"CISA is working with our public and private sector partners to assess the impacts of these reported incidents and providing assistance where needed," Reuters cited the US Cybersecurity and Infrastructure Security Agency.

A VMware spokesperson said the hackers were abusing a flaw that was discovered in early 2021, and patched in February of that year. The company also urged its customers to apply the patch immediately. 

Read more

> You're a ransomware victim: Here's 5 things you should do

> This new ransomware is seeing rapid growth, so beware

> Remove viruses and ransomware with the best malware removal

A separate report published by The Stack claims more than 500 companies have so far been affected by the campaign and indeed, it was a ransomware attack. Businesses in France are allegedly worst-hit. The country’s national government computer security incident response team, CERT-FR, says the attack is semi-automated, targeting servers vulnerable to CVE-2021-21974.

The flaw is described as an OpenSLP HeapOverflow vulnerability, allowing threat actors to execute code remotely.

So far, we don’t know which ransomware group initiated the attack and which encryptor is being deployed, but reports are saying that roughly 20 servers get hit every hour.

Sead Fadilpašić

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

Read more
A person holding out their hand with a digital AI symbol.
This ransomware gang is using SSH tunnels to target VMware appliances
A person at a laptop with a cybersecure lock symbol floating above it.
Hackers are still using old Ivanti bugs to break into networks
vpn
Ivanti warns another critical security flaw is being attacked
Best free Linux firewalls
Fortinet warns a critical vulnerability in its systems could let attackers breach company networks
The best free firewall
Palo Alto warns another major firewall hack has been detected
A VPN runs on a mobile phone placed on a laptop keyboard
SonicWall firewalls hit by worrying cyberattack
Latest in Security
Data Breach
Thousands of healthcare records exposed online, including private patient information
China
Juniper patches security flaws which could have let hackers take over your router
Representational image depecting cybersecurity protection
GitLab has patched a host of worrying security issues
Ai tech, businessman show virtual graphic Global Internet connect Chatgpt Chat with AI, Artificial Intelligence.
AI agents can be hijacked to write and send phishing attacks
China
Volt Typhoon threat group had access to American utility networks for the best part of a year
Abstract image of cyber security in action.
MassJacker malware targets those looking for pirated software
Latest in News
A super close up image of the Google Gemini app in the Play Store
It's official: Google Assistant will be retired for phones this year, with Gemini taking over
Quordle on a smartphone held in a hand
Quordle hints and answers for Sunday, March 16 (game #1147)
NYT Strands homescreen on a mobile phone screen, on a light blue background
NYT Strands hints and answers for Sunday, March 16 (game #378)
NYT Connections homescreen on a phone, on a purple background
NYT Connections hints and answers for Sunday, March 16 (game #644)
Three iPhone 16 handsets on show
Apple could launch an iPhone 17 Ultra this year – but we've heard these rumors before
Super Mario Odyssey
ChatGPT is the ultimate gaming tool - here's 4 ways you can use AI to help with your next playthrough
More about security
Email

Over 90% of Americans demand a "right-to-disconnect" law which would protect them from out-of-hours work communication
A hand holding an iPhone with the iCloud logo on screen.

"I have nothing to hide" - our readers react to Apple getting secret hearing in appeal against UK government
diamond gemstone

Diamond set to become mainstream coolant for AI GPU servers as world’s best thermal conductor promises 25% better overclocking, and 'double performance per watt'
See more latest
Most Popular
diamond gemstone
Diamond set to become mainstream coolant for AI GPU servers as world’s best thermal conductor promises 25% better overclocking, and 'double performance per watt'
Zuckerberg Meta AI
Meta powers ahead with conscious chip uncoupling with Nvidia as it tests its first in-house training AI-PU
Email
Over 90% of Americans demand a "right-to-disconnect" law which would protect them from out-of-hours work communication
A super close up image of the Google Gemini app in the Play Store
It's official: Google Assistant will be retired for phones this year, with Gemini taking over
NYT Strands homescreen on a mobile phone screen, on a light blue background
NYT Strands hints and answers for Sunday, March 16 (game #378)
Quordle on a smartphone held in a hand
Quordle hints and answers for Sunday, March 16 (game #1147)
NYT Connections homescreen on a phone, on a purple background
NYT Connections hints and answers for Sunday, March 16 (game #644)
Gachapon Capsure Station
Somewhere in Japan is a dispenser where you can buy toy rack servers complete with cute Dell PowerEdge 2U servers
An angry Mark Grayson flying towards the camera in Invincible season 3 episode 7
Invincible season 4: everything we know so far about the hit Prime Video show's next chapter
Three iPhone 16 handsets on show
Apple could launch an iPhone 17 Ultra this year – but we've heard these rumors before