Sophos has detected new malware that targets virtual machines (VMs) running on ESXi hypervisors. The highlight is that it takes just 3 hours to go from breach to the encryption stage.
Researchers from the Britain-based cybersecurity firm say this is the first time they have seen rapidly infecting malware written in Python on Linux-based VMs.
Because an ESXi hypervisor can act as a single channel for infecting multiple VMs at once, threat actors are targeting these machines to cause disruption faster, within a very short time frame.
Experts are therefore advising admins who operate ESXi hypervisors to follow basic security practices: deploying layered protection, using anti-ransomware solutions that can detect and respond to alerts in a timely manner, setting a strong password, using multi-factor authentication, using a VPN for remote management, backing up information and apps, auditing their Active Directory on a monthly or bi-monthly basis, and keeping their software up to date with all necessary updates.
Meanwhile, Ermetic, a cloud-based security company, recently conducted a study in which it found that the security posture of AWS cloud environments was too weak, making them highly vulnerable to ransomware attacks.
Ermetic researchers claim that as more and more customers move to the cloud, IP-based platforms such as AWS and Azure are being targeted by sophisticated ransomware attacks. The attackers' reason is simple: hit a large company that can satisfy their financial demands through a ransom payment.