Cybercrime or cyberwar is taking a toll on servers across Europe and North America, and cybersecurity experts are warning businesses to be cautious. A flaw in VMware’s ESXi servers has been widely exploited by hackers, putting endpoints in multiple countries at risk. The National Cybersecurity Agency of Italy has issued an urgent warning to businesses using these VMware products, urging them to update their systems to avoid being locked out.
Cyberattack Wave Sweeps Across Two Continents
Reports suggest that dozens of organizations in Italy alone have fallen victim to the massive cybercrime campaign, with approximately 20 servers being hit every hour.
Over 500 companies have been affected by the attack, with businesses in France being the hardest hit. CERT-FR, France’s national government computer security incident response team, has confirmed the semi-automated attack targets servers vulnerable to CVE-2021-21974.
OpenSLP HeapOverflow Vulnerability
The hackers have exploited an OpenSLP HeapOverflow vulnerability, giving them the ability to execute code remotely.
US cybersecurity officials are working with private and public sector partners to evaluate the impact of the reported incidents and offer help as needed. CISA is analyzing incoming reports.
A spokesperson for VMware confirmed that the hackers are exploiting a flaw that was found in early 2021 and patched in February of that year. VMware has advised its customers to apply the patch immediately to prevent further attacks.
It is unclear which ransomware group initiated the attack and which encryptor is being used, but the situation is rapidly evolving. Cybersecurity experts are warning businesses to be vigilant and take immediate action to protect their servers.
Tip of the day: Need to create an ad-hoc network from your PC? In our tutorial we show you how to easily create a shareable wireless internet connection in Windows as a free WIFI hotspot.