The REvil ransomware operation is now using a Linux encryptor that targets and encrypts Vmware ESXi virtual machines.
With the enterprise moving to virtual machines for easier backups, device management, and efficient use of resources, ransomware gangs increasingly create their own tools to mass encrypt storage used by VMs.
In May, Advanced Intel’s Yelisey Boguslavskiy shared a forum post from the REvil operation where they confirmed that they had released a Linux version of their encryptor that could also work on NAS devices.
Read more…
Source: Bleeping Computer
