Critical VMware Vulnerability Exploited To Drop Miners And Ransomware

According to security researchers, hackers are still exploiting the critical VMware vulnerability (CVE-2022-22954) that allows them to drop various malware variants including the RAR1Ransom tool that locks files in password-protected archives.

The vulnerability has been actively exploited in April-May, and despite VMware releasing a security update addressing the issue, many systems still remain vulnerable.

Recently campaigns that are abusing this bug went through a change from data exfiltration campaigns to dropping miners, file-lockers, and DDoS enlisting from a Mirai variant.


Read More

Got Something To Say?

Your email address will not be published.