AvosLocker Ransomware Linux Version Targets VMware ESXi Servers
Cyble Research Labs has identified a new Linux variant of the ransomware used by the AvosLocker group, which demands a ransom of up to $20m (£13m) for the release of a malicious file.
REFERENCE:
https://blog.cyble.com/2022/01/17/avoslocker-ransomware-linux-version-targets-vmware-esxi-servers/
MALWARE FAMILY:
AvosLocker
ATT&CK IDS:
T1059 - Command and Scripting Interpreter, T1082 - System Information Discovery, T1189 - Drive-by Compromise, T1190 - Exploit Public-Facing Application, T1486 - Data Encrypted for Impact, T1489 - Service Stop, T1490 - Inhibit System Recovery, T1530 - Data from Cloud Storage Object, T1555 - Credentials from Password Stores
CVE : https://otx.alienvault.com/indicator/cve/CVE-2021-34523
Link : https://otx.alienvault.com/pulse/61e6e07fe17676b3e61f7052
*Beware of clicking the link!