A new ransomware tool called “MrAgent” operates as a binary designed to run primarily on VMware ESXi hypervisors with the sole purpose of automating and tracking the deployment of ransomware across large environments with multiple hypervisors.
In a Feb. 14 blog post, Trellix researchers identified the gang responsible, the RansomHouse Group, as a ransomware-as-a-service operation that emerged in late 2021 that has been active deploying ransomware variants to exploit corporate…