Skip to content

Ransomware on the virtual machine complicates recovery

November 9, 2022 – Published on IT Brew

After years of encrypting hard drives, ransomware threat actors have hit on a different target: virtual machines. A successful compromise of a “host” platform holding “guest” VMs allows efficient hackers to get riches for their ransomware.

Virtually possible. A number of ransomware gangs have zeroed in on virtual machines—VMware recently noted a number of ESXi targeters.

A set of virtualized servers in one place is a jackpot to cybercriminals, said Drew Schmitt, principal threat intelligence analyst at the cybersecurity services firm GuidePoint Security. “Now, you’re encrypting the entire server by just encrypting one file,” Schmitt told IT Brew.

Read More HERE.