New Play Ransomware Linux Variant Targets ESXi Shows Ties
July 22, 2024, 4:13 p.m.
Description
The Play ransomware group, known for double-extortion tactics and advanced evasion techniques, has developed a new Linux variant specifically designed to target VMware ESXi environments. This variant aims to encrypt virtual machines (VMs) and associated files, potentially causing significant operational disruptions. Notably, evidence suggests the Play group may be collaborating with the notorious Prolific Puma cybercriminal entity to enhance its capabilities and circumvent security measures more effectively.
Date
Published: July 22, 2024, 4:03 p.m.
Created: July 22, 2024, 4:03 p.m.
Modified: July 22, 2024, 4:13 p.m.
Attack Patterns
Coroxy
Play
T1491.001
T1568.002
T1059.004
T1070.004
T1489
T1486
T1105
T1083
T1570
T1046
T1041
Additional Information
Professional Services
Manufacturing