REvil Linux Encryptor Targets ESXi Virtual Machines

June 29, 2021

REvil, a well-known ransomware group, will now conduct its operations with a Linux encryption system that targets and encrypts virtual Vmware ESXi machines, making it easier for the group to encrypt many servers simultaneously with a single command.

Vitali Kremez of Advanced Intel explained in an interview with Bleeping Computer that the new REvil Linux variant is an ELF64 executable that contains the same configuration options used by the more common Window Executable.

For Wosar “The reason why most ransomware groups implemented a Linux-based version of their ransomware is to target ESXi specifically”

For more information, read the original story in Bleeping Computer.

Top Stories

Related Articles

June 9, 2026 Hackers exploited Meta’s AI-powered support chatbot to gain control of Instagram accounts, including several high-profile profiles. Meta more...

June 5, 2026 Security researchers have disclosed a new denial-of-service attack called HTTP/2 Bomb that can overwhelm major web servers more...

May 20, 2026 The Cybersecurity and Infrastructure Security Agency, the arm of the U.S. government tasked with protecting critical infrastructure more...

May 11, 2026 Instructure has restored access to its Canvas learning platform after a cyberattack disrupted service for universities and more...

Picture of TND News Desk

TND News Desk

Staff writer for Tech Newsday.
Picture of TND News Desk

TND News Desk

Staff writer for Tech Newsday.

Jim Love

Jim is an author and podcast host with over 40 years in technology.

Share:
Facebook
Twitter
LinkedIn