Social News XYZ     

Hackers actively exploiting VMware bug in ransomware campaign

Hackers actively exploiting VMware bug in ransomware campaign

New Delhi, Feb 7 (SocialNews.XYZ) Cyber-criminals are exploiting two-year-old vulnerability in Cloud software company VMware for a massive-scale ransomware attack.

France's computer emergency response team (CERT-FR) has warned that hackers have been targeting 'VMware ESXi' servers since February 3.

 

Italy's national cybersecurity agency ACN also warned of a large-scale ransomware campaign targeting thousands of servers across Europe and North America.

"In the current state of investigations, these attack campaigns seem to have taken advantage of the exposure of ESXi hypervisors which would not have been updated with security patches quickly enough," said CERT-FR.

These vulnerabilities allow an attacker to remotely exploit arbitrary code.

According to a Census search, more than 3,200 VMware servers worldwide have been compromised by the ESXiArgs ransomware campaign.

France is the most affected country, followed by the US, Germany, Canada and the UK.

A VMware spokesperson told TechCrunch that patches for the vulnerability "were made available to customers two years ago in VMware's security advisory of February 23, 2021."

"Security hygiene is a key component of preventing ransomware attacks, and organisations who are running versions of ESXi impacted by CVE-2021-21974, and have not yet applied the patch, should take action as directed in the advisory," the spokesperson said.

The ransomware campaign is already causing "significant" damage due to the number of unpatched machines.

It's not yet clear who is behind the ransomware campaign.

Source: IANS

Facebook Comments
Hackers actively exploiting VMware bug in ransomware campaign

About Gopi

Gopi Adusumilli is a Programmer. He is the editor of SocialNews.XYZ and President of AGK Fire Inc.

He enjoys designing websites, developing mobile applications and publishing news articles on current events from various authenticated news sources.

When it comes to writing he likes to write about current world politics and Indian Movies. His future plans include developing SocialNews.XYZ into a News website that has no bias or judgment towards any.

He can be reached at gopi@socialnews.xyz