The number of ESXiArgs ransomware attacks has increased recently, but it’s still unclear exactly which vulnerability threat actors are utilizing.
In ESXiArgs attacks, a mysterious threat group has been infecting VMware ESXi servers with ransomware, encrypting files, and dropping ransom notes demanding payment from the victims. Although victims are also informed in the ransom notes that their files have been stolen, researchers have not discovered any proof of data theft.
Between 1,000 and 2,000 compromised ESXi servers are currently visible on the Censys and Shodan search engines. The fact that the ransom notes left on each compromised system are directly accessible from the internet allows for the calculation of the number of compromised systems.
Read More: Surge in ESXiArgs Ransomware Attacks as Questions Linger Over Exploited Vulnerability
For more such updates follow us on Google News ITsecuritywire News. Please subscribe to our Newsletter for more updates.