.jpg)
SEXi ransomware group and its affiliates, which have been involved in a series of cyber-attacks that began in February of this year against several organizations, have been operating under the name “APT Inc.” since June of this year.
To encrypt a VMware ESXi server with a Babuk encryptor, and a Windows server with a LockBit 3 encryptor, the group uses a leaked LockBit encryptor.
In its rebranded form, the group continues to use its original techniques of encryption whilst wreaking havoc on new victims around the world, issuing ransom demands that range from thousands to millions of dollars, all to obtain access to the victims’ data.
Often called Babyk, Babuk Locker is a ransomware operation that began targeting businesses in 2021, encrypting their data and stealing it in a double-extortion attack to gain cash.
As part of the launch, SEXi is being offered as an optional add-on to the platform that targets it, as a play on its name.
As noted in a statement issued by CRONUp cybersecurity researcher Germán Fernández, PowerHost CEO Ricardo Rubem confirmed that his servers had been locked up by a ransomware variant called SEXi. It has not yet been revealed exactly how the malware gained access to PowerHost’s internal network. However, the ransomware variant was called SEXi.
During its statement, Rubem said that he was clarifying that Rubem would not be paying the ransom demanded by the
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
This article has been indexed from CySecurity News – Latest Information Security and Hacking Incidents
Read the original article: