A new wave of ransomware attacks targeting virtual machine platforms has emerged, with the Akira ransomware group leading a campaign against Hyper-V and VMware ESXi systems.
These attacks pose a growing threat to enterprise environments that rely on virtualization for critical operations.
The group has developed specialized tools to quickly encrypt virtual machines, causing widespread disruption across targeted networks.
The Akira ransomware targets the hypervisor layer, which manages multiple virtual machines on a single physical server.
When attackers gain access to these systems, they can encrypt numerous virtual machines simultaneously, multiplying the damage from a single intrusion.
This approach has made the malware particularly effective against organizations running data centers and cloud services.
The encryption process locks business-critical systems, forcing companies to face difficult decisions about paying ransoms or…