Ransomware groups are increasingly targeting ESXi hypervisors, with a rising number of attacks based on the leaked Babuk source code seen in 2023. However, although the ESXiArgs campaign appeared to be based on Babuk, SentinelOne found only minor similarities. The company also identified unexpected links between different ransomware families. Companies using ESXi are particularly vulnerable if they lack an accurate understanding of their network assets and public internet exposure.
Hackers are selling counterfeit phones with crypto-stealing malware
Kaspersky has identified thousands of low-cost Android smartphones sold online that come with preinstalled malware programmed to steal cryptocurrency details. The devices are infected with
