New Ransomware Group Cicada3301 Targets VMware ESXi Hypervisors: Are Enterprises Safe?

A new ransomware group, Cicada3301, is specifically targeting VMware ESXi hypervisors. With encryptors for both Windows and ESXi, the group aims to maximize damage in enterprise environments. Researchers suggest Cicada3301 might be linked to the notorious ALPHV/BlackCat, known for its infamous heist on Change Healthcare.

Hot Take:

Just when you thought it was safe to go back into the hypervisor, Cicada3301 buzzes in, bringing ransomware chaos to VMware ESXi. Looks like the ransomware world’s got a new troublemaker, and it’s not here to play nice!

Key Points:

  • Cicada3301 targets VMware ESXi hypervisors with a new ransomware encryptor.
  • The group operates two encryptors: one for Windows devices and another for VMware ESXi.
  • The ransomware operation began in early June, recruiting affiliates by the end of the month.
  • Researchers suspect Cicada3301 might be a rebranded version or a fork of the notorious ALPHV/BlackCat group.
  • ALPHV/BlackCat previously made headlines for vanishing with a $22 million ransom from Change Healthcare.
