top of page

Ransomware ESXiArgs: back but worse

Since February 8th, there have been numerous attacks by the ESXIArgs ransomware. Overall, more than 3,000 servers have been affected, including information on courts, universities, the Florida Supreme Court, etc.

This ransomware remotely encrypts the configuration files of vulnerable VMware ESXI servers. This wave of attacks includes a modified encryption process that encrypts more data in larger files. This change prevents previous recovery tools from recovering the machines because the files will have too much encrypted data to be usable.

Some victims reported that SLP had disabled their devices and that they had still been stolen and encrypted.

Following this wave of attacks, the CNIL issued a press release warning about updating VMWare ESXI hypervisors. It proposes a list of things to do in order to protect oneself as well as possible from these attacks.

Recent Posts

See All

On 9 March 2023, the Centre Hospitalier Régional Universitaire of Brest was victim of an intrusion into its information system. For the moment no details have been communicated concerning the type of

On 25 January, several Ramsay Santé Group establishments were affected by a cyber attack. Three of them are located in the Auvergne Rhône Alpes region, including the Jean-Mermoz private hospital (Lyon

Follow our adventures !

  • Discord
  • Twitter
  • Linkedin

Subscribe to our newsletter

Be notified every time we have news !

Thanks for subscribing !

By subscribing, I agree to the General Terms of Use and Privacy Policy.

bottom of page