TargetCompany’s Linux Variant is Targeting ESXi Environments

 

Researchers discovered a new Linux variant of the TargetCompany ransomware family that targets VMware ESXi environments and uses a custom shell script to distribute and execute payloads.

The TargetCompany ransomware operation, also known as Mallox, FARGO, and Tohnichi, began in June 2021 and has since focused on database attacks (MySQL, Oracle, SQL Server) against organisations mostly in Taiwan, South Korea, Thailand, and India.

In February 2022, antivirus company Avast announced the release of a free decryption tool that covered all variants released up to that point. By September, however, the group had resumed regular activity, targeting vulnerable Microsoft SQL servers and threatening to disclose victims' stolen data via Telegram.

New Linux version 

According to a report published earlier this week by cybersecurity firm Trend Micro, the new Linux variant of TargetCompany ransomware checks for administrator access before launching the malicious process. The threat actor em

[…]

This article has been indexed from CySecurity News – Latest Information Security and Hacking Incidents
