#SEXiRansomware

SEXi Ransomware Rebrands as ‘APT Inc.,’ Keeps Old Methods

by

July 15, 2024 at 04:42PM The SEXi ransomware group, now operating as APT Inc., uses leaked Babuk and LockBit 3 encryptors to target VMware ESXi and Windows servers. They demand ransom varying from thousands to millions and have no known weaknesses in their encryption methods. Victims have publicly shared their experiences, including ransom notes with … Read more

Chilean hosting firm’s VMware ESXi servers hit by new SEXi ransomware

by

April 3, 2024 at 06:02PM Chilean data center and hosting provider IxMetro Powerhost fell victim to a ransomware attack by a new gang called SEXi, impacting VMware ESXi servers and backups. The CEO stated that negotiations with the attackers are discouraged, and the ransom demand equates to $140 million. PowerHost is working with security agencies … Read more