A New Ransomware Variant Dubbed ‘Cheers’ Was Discovered

VMware ESXi is an enterprise-class, type-1 hypervisor created by VMware. It is used for installing and servicing virtual machines.

As a type-1 hypervisor, ESXi is not a software program installed on top of an operating system; rather, it integrates essential OS components, such as a kernel, into itself. This distinguishes it from other types of hypervisors.

The virtualization platform is widely used by large enterprises around the world, so encrypting these platforms often causes significant disruption to a company's operations.

What Happened?

Cheers is a newly discovered ransomware that has begun its activity by targeting unprotected VMware ESXi systems.

Researchers working for Trend Micro have identified a new strain of the Cheers ransomware, which they refer to as “Cheerscrypt.”

We recently observed multiple Linux-based ransomware detections that malicious actors launched to target VMware ESXi servers, a bare-metal hypervisor for creating and running several virtual machines (VMs) that share the same hard drive storage. We encountered Cheerscrypt, a new ransomware family, that has been targeting a customer’s ESXi server used to manage VMware

