ESXiArgs Ransomware Recovery Advice

Following the discovery of a coding flaw in the ESXiArgs Ransomware, the US government's Cybersecurity and Infrastructure Security Agency (CISA) and the FBI have released a document outlining how to use the various scripts and processes to recover data after an attack:

CISA and FBI Release ESXiArgs Ransomware Recovery Guidance | CISA

But

There is now a new version of the malware that fixes the previous flaw, so victims of new attacks using this version are unlikely to benefit from this recovery process. Get those servers patched.

New ESXiArgs ransomware version prevents VMware ESXi recovery (bleepingcomputer.com)

Further Reading

ESXiArgs ransomware is a massive problem – Smart Thinking Solutions

The bad guys do not always get it right… – Smart Thinking Solutions

Please Note:

I am on the road and away from the office, so the news this week is “in brief”. You can still contact me via the contact page and Octagon Technology.