The Download
New campaigns by Agenda ransomware is targeting VMware vCenter and ESXi servers worldwide using system scripts and remote management and monitoring (RMM) tools to compromise VMware images.
The ransomware, built on the Rust programming language, uses system utilities to spread to VM images and also vulnerable system driver libraries to evade detection from anti-malware systems.
What You Can Do
Agenda ransomware is targeting VMware infrastructure and using system tools to find other VM targets and spread across the VM infrastructure. Securing your RMM tools, monitoring scans across the infrastructure as well as connections between machines can help detect and block the spread of the Agenda malware.
To Learn More