Unveiling Eldorado Ransomware: A New Threat Targeting Windows and VMware ESXi Systems
Emergence of Eldorado Ransomware
Overview:
A new ransomware-as-a-service (RaaS) called Eldorado has surfaced, targeting both Windows systems and VMware ESXi virtual machines. This threat is notable for its capacity to encrypt large networks and demand substantial ransoms.
Key Details:
• Capabilities: Eldorado ransomware has the ability to encrypt data on both Windows systems and VMware ESXi virtual machines, which are commonly used in enterprise environments. This dual capability makes it particularly dangerous for large organizations.
• Targets: Since its emergence, Eldorado has targeted a wide range of industries, including real estate, technology, education, hospitality, and municipal services. Victims include companies like Adams Homes, CelPlan, and the City of Pensacola.
Attack Mechanism:
• Ransomware-as-a-Service Model: Eldorado operates under a RaaS model, allowing affiliates to use the ransomware in exchange for a share of the ransom payments. This model significantly increases the reach and impact of the ransomware.
• Brute Force and Credential Stuffing: Attackers utilize brute force and credential stuffing techniques to gain unauthorized access to networks. Once inside, they deploy the ransomware to encrypt files and demand a ransom for the decryption keys.
Mitigation Strategies:
• Regularly Update Passwords: Update passwords regularly and use complex combinations to reduce the risk of brute force attacks.
• Enable Multi-Factor Authentication (MFA): Adding an extra layer of security can prevent unauthorized access even if passwords are compromised.
• Use Robust Security Solutions: Implement comprehensive security solutions, including endpoint protection, network monitoring, and regular security audits.
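As an added illustration of the network monitoring point (this is not code from any of the cited reports), the following Python sketch separates the two access techniques named above in authentication events: brute force shows many failures against one account, credential stuffing shows one source failing against many accounts. The event layout, thresholds, addresses and usernames are constructed assumptions, and all events are assumed to fall within one monitoring window.

```python
from collections import defaultdict

# Constructed sample events: (source_ip, username, login_succeeded).
# The field layout is an assumption, not any product's log format.
SAMPLE_EVENTS = (
    [("203.0.113.10", "administrator", False)] * 12                  # one account hammered
    + [("198.51.100.7", f"user{i:02d}", False) for i in range(15)]   # many accounts, one try each
    + [("198.51.100.7", "user15", True)]                             # a reused password works
    + [("192.0.2.44", "alice", False), ("192.0.2.44", "alice", True)]  # ordinary typo
)

# Assumed thresholds; tune them to the environment's normal failure rate.
BRUTE_FORCE_FAILS = 10   # failures against a single account from one source
STUFFING_ACCOUNTS = 10   # distinct accounts failed from one source


def classify_sources(events):
    """Return {ip: {"pattern": str, "successful_logins": [users]}} for suspicious sources."""
    fails = defaultdict(lambda: defaultdict(int))  # ip -> user -> failed attempts
    wins = defaultdict(set)                        # ip -> users that logged in
    for ip, user, ok in events:
        if ok:
            wins[ip].add(user)
        else:
            fails[ip][user] += 1

    findings = {}
    for ip, per_user in fails.items():
        if len(per_user) >= STUFFING_ACCOUNTS:
            pattern = "credential_stuffing"
        elif max(per_user.values()) >= BRUTE_FORCE_FAILS:
            pattern = "brute_force"
        else:
            continue  # below both thresholds: treat as normal user error
        # A success from a flagged source is the event to respond to first.
        findings[ip] = {"pattern": pattern, "successful_logins": sorted(wins[ip])}
    return findings


if __name__ == "__main__":
    for ip, info in classify_sources(SAMPLE_EVENTS).items():
        print(ip, info["pattern"], "successful logins:", info["successful_logins"] or "none")
```

A successful login from a flagged source is the case where MFA decides whether a guessed or reused password becomes network access.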
Sources:
• TechRadar: Detailed the emergence and capabilities of Eldorado ransomware, highlighting its dual-targeting of Windows and VMware ESXi systems.
• BleepingComputer: Reported on the ransomware’s RaaS model and the range of industries targeted by Eldorado.
• Daily Dark Web: Provided a list of victims and insights into the broad scope of Eldorado’s attacks across various sectors.