New Eldorado ransomware now seeking out Windows and VMware ESXi virtual machines

New Eldorado ransomware now seeking out Windows and VMware ESXi virtual machines



In March, a new ransomware called Eldorado emerged, targeting victims in the US across various industries. The cybercriminals behind Eldorado are actively promoting their malicious service on forums and seeking partners to join their program. The ransomware can encrypt both Windows and Linux systems using different variants and unique encryption algorithms. It also deletes shadow volume copies and network shares to maximize its impact. Eldorado is designed to self-delete to evade detection by response teams. Defense against Eldorado and other ransomware attacks includes implementing multi-factor authentication, using Endpoint Detection and Response, regular data backups, AI-based analytics, applying security patches, employee training, conducting security assessments, and avoiding paying ransoms.

Article Source
https://www.bleepingcomputer.com/news/security/new-eldorado-ransomware-targets-windows-VMware-esxi-vms/amp/