What do we know?
Sophos revealed that a new ransomware variant written in Python was deployed ten minutes after attackers broke into a TeamViewer account belonging to the targeted organization.
About Python-based ransomware
- The ransomware includes different sets of encryption keys, email addresses, and options for customizing the suffix appended to the encrypted files.
- Once installed, the ransomware disables all VMs and begins encryption, making it difficult for victims to decrypt the files.
Conclusion
The growing number of ransomware attacks leveraging virtual machines is a pressing issue that organizations must address. Hardening the security of ESXi and other hypervisors with complex passwords is one of the best security practices to prevent attacks. Wherever possible, enable MFA, and enforce it for accounts with privileged permissions, such as domain administrators.
