_ronstik_alamy.jpg?disable=upscale&width=1200&height=630&fit=crop)
July 15, 2024 at 04:42PM
The SEXi ransomware group, now operating as APT Inc., uses leaked Babuk and LockBit 3 encryptors to target VMware ESXi and Windows servers. They demand ransom varying from thousands to millions and have no known weaknesses in their encryption methods. Victims have publicly shared their experiences, including ransom notes with payment instructions.
Based on the meeting notes, the group known as SEXi ransomware has rebranded as APT Inc. and has continued its cyber attacks using leaked encryptors to target VMware ESXi and Windows servers. The group is demanding ransom amounts ranging from thousands to millions of dollars from their victims. Some victims have publicly shared their experiences with APT Inc. attacks, including details of the ransom notes received. Currently, there are no known weaknesses in the encryptors used by APT Inc., and there is no free method for recovering the files encrypted by these encryptors.