apparently there is a ransomware named SEXi, that just rebranded to APT Incorporated and is causing havoc. Specifically targeting VMware ESXi servers, which are crucial for virtual machines in many organizations.
The attacker used leaked Babook and LockBit3 encryptors to lock up files related to virtual disks and backups, leaving other OS files alone.
Victims will then get a random file extension and a ransom note with instructions to contact the hackers via an encrypted messaging app. Ransom demands range from tens of thousands to millions of dollars. And as of right now, there’s no known way to decrypt these files for free.
If you do get hit with the SEXi ransomware, Check with the FBI, check with IC3, and see if a decryptor has been found for LockBit or Babook. I’m not really sure why they rebranded to APT Inc.
because SEXi was a pretty cool name.
[ad_2]
source
