Hackers targeting unpatched VMware ESXi servers

Thousands
of
computer
servers
around
the
world
have
been
targeted
by
a
ransomware
hacking
attack
targeting
VMware
ESXi
servers,
Italy’s
National
Cybersecurity
Agency
(ACN)
said,
warning
organisations
to
take
action
to
protect
their
systems.

The
attack
sought
to
exploit
a
software
vulnerability,
ACN
director
general
Roberto
Baldoni
told
Reuters,
adding
it
was
on
a
massive
scale.

A
spokesperson
for
VMware
said
the
company
is
aware
of
the
incidents
and
it
had
issued
patches
for
the
two-year-old
vulnerability
in
February
2021,
urging
its
customers
to
apply
the
patch
if
they
have
not
done
so.

Italy’s
ANSA
news
agency,
citing
the
ACN,
reported
that
servers
had
been
compromised
in
other
European
countries
such
as
France
and
Finland
as
well
as
the
United
States
and
Canada.

Dozens
of
Italian
organisations
were
likely
to
have
been
affected
and
many
more
had
been
warned
to
take
action
to
avoid
being
locked
out
of
their
systems.

US
cyber
security
officials
said
they
were
assessing
the
impact
of
the
reported
incidents.

“CISA
is
working
with
our
public
and
private
sector
partners
to
assess
the
impacts
of
these
reported
incidents
and
providing
assistance
where
needed,”
the
US
Cyber
security
and
Infrastructure
Security
Agency
said.

About Author

AndyC

Andy Curtis is an award-winning security consultant, researcher and public speaker. He has been working in the computer security industry since the early 1990s, having been employed by state and federal government, leading healthcare and banking providers across three continents. He has given talks about computer security for some of the world’s largest companies, worked with law enforcement agencies on investigations into hacking groups, and is a regular voice on TV and radio explaining IT security threats.

See author's posts