CISA Released Script To Recover Servers Encrypted By ESXiArgs Ransomware
Recently VMware ESXi servers were targeted by ESXiArgs ransomware, with 2800 servers getting encrypted. However, despite the numbers, the attack is considered unsuccessful since threat actors couldn't encrypt flat files, which allowed cybersecurity researchers Enes Sonmez & Ahmet Aykac of the YoreGroup Tech Team to create a method of rebuilding the virtual machines from encrypted flat files. CISA has released a recovery script on GitHub to speed up the recovery process. Read more...