Shulou(Shulou.com)11/24 Report--

CTOnews.com February 9, Italy's National Cyber Security Agency (ACN) issued a warning on Sunday that hackers have taken advantage of VMware ESXi server vulnerabilities to launch blackmail software attacks on thousands of servers around the world, and warned organizations to take action to protect their systems.

The U.S. Cyber Security and Infrastructure Security Agency (CISA) recently released a "ESXiArgs-Recover" script to help affected users defend against ESXiArgs attacks. CISA said the script was compiled to rebuild virtual machine metadata based on virtual disks that were not successfully encrypted during the extortion software intrusion.

The instructions for CISA scripts are as follows:

The ESXiArgs-Recover tool is used to help organizations recover virtual machines affected by ESXiArgs ransomware attacks.

CISA is aware that some organizations have reported successful recovery of documents without paying the ransom. CISA compiled the tool based on publicly available resources such as Enes Sonmez and Ahmet Aykac. The tool works by rebuilding virtual machine metadata from virtual disks that have never been encrypted by malware.

Interested CTOnews.com users can visit the GitHub page, which describes the detailed steps of how to apply the ESXiArgs-Recover script.

Related readings:

"every hour, 20 servers fall, and hackers take advantage of VMware ESXi server vulnerabilities to attack wantonly."

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.