The ransomware compromised ESXi servers and creates .args files
New ESXiArgs ransomware attacked on ESXi Servers.
The systems currently targeted would be ESXi hypervisors in version 6.x and prior to 6.7. The compromised ESXi servers ransomware encrypts .vmxf, .vmx, .vmdk, .vmsd, and .nvram files and creates with the extensions .args on compromised ESXi servers.
Victims have also get ransom notes named “ransom.html” and “How to Restore Your Files.html” on locked systems.