February 8, 2023

A global ransomware outbreak has intercepted servers affiliated to Florida’s Supreme Court and several universities in the United States and Central Europe after attackers exploited a 2-year-old vulnerability in widely used software made by California-based cloud computing giant VMWare.

According to Ransomwhere, a user generated platform that records digital extortion attempts and online ransom payments and whose figures are drawn from internet scans, these organizations are among more than 3,800 victims of a rapidly spreading digital extortion campaign that locked up thousands of servers in Europe over the weekend.

Ransomwhere stated that only four of those victims have paid ransoms so far. It is also unclear how much the ransomware, which encrypts computers and demands a payment, has disrupted operations at the victim organizations.

As the victim organizations left the vulnerable software exposed directly to the public internet, cybercriminals were able to break in more easily. The Cybersecurity and Infrastructure Security Agency (CISA) of the United States has released a recovery script in an attempt to mitigate the damage caused by the attacks, which may have been carried out by a gang known as ESXiArgs.

French and Italian government agencies have also issued warnings about the attacks late last week and over the weekend.

The sources for this piece include an article in Reuters.