Hackers are using a critical flaw in VMware as part of a ransomware campaign targeting thousands of organizations

Hackers are using a critical flaw in VMware as part of a ransomware campaign targeting thousands of organizations

Hackers are targeting a two-year-old VMware server software vulnerability in a ransomware campaign aimed at extorting thousands of companies around the world, Italy’s National Cybersecurity Agency warned on Saturday (Feb. 4). The cybersecurity agency estimated the attack to be in its third-highest threat category.

The cyberattack exploited a known software vulnerability, demanding 2.06 bitcoin ($19,000) in ransom payments from companies in the US, Canada, and across Europe, including Italy, Germany, and France. It’s not yet clear who are the hackers behind the attack that has affected more than 3,200 servers so far, but Italy’s NCA excluded the possibility of a state-like entity.

A spokesperson for VMware said the company patched the issue when it first came to light in 2021 and is urging customers to update to the newest software in order to protect their systems. “Organizations who are running versions of ESXi impacted by [the ransomware]and have not yet applied the patch, should take action as directed in the advisory,” company spokesperson Doreen Ruyak told Techcrunch.

The ransomware attack could not have come at a worse time for the company, as VMware is currently in the process of a major and much-scrutinized acquisition by US chip manufacturer Broadcom.

Antitrust regulators scrutinize Broadcom’s purchase of VMware

Antitrust regulators in the US and Europe are actively investigating Broadcom’s proposed $61 billion purchase of VMware. EU officials specifically cited the deal’s potential to concentrate ownership on both sides of the data storage process, preventing competitors from using industry-standard software.

“We are concerned that after the merger, Broadcom could prevent its hardware rivals to interoperate with VMware’s server virtualization software. This would lead to higher prices, lower quality, and less innovation for customers and consumers,” Margrethe Vestager said in an EU press release.

Representatives for both companies say it wouldn’t make financial sense for Broadcom to limit competitor access to VMware’s software, similar to how IBM keeps its Red Hat software open-source. It is common practice for deals of this size to be scrutinized by competition authorities, and the deal has already been approved by regulators in Germany, France, Brazil, and Canada.

A timeline of VMware’s evolution, from $625 million to $61 billion:

1998: Graduate students at UC Berkeley found the company with Diane Greene at the helm as CEO. The company only has 20 employees during its first year of operation.

1999: VMware’s first product, the VMware Workstation, is launched. It allows users to operate multiple servers on just one personal computer.

2001: The company officially enters the server market, launching the GSX (hosted) and ESX (hostless) servers.

2004: EMC, a major data storage company, acquires VMware outright for $625 million.

2007: EMC takes VMware publicwith shares priced at $29.

2008: After a poor financial performance, EMC fires CEO and founder Diane Greene. She is replaced by the head of EMC’s cloud computing unit, Paul Maritz.

2012: Pat Genslinger, former head of strategy at EMC, is appointed the new CEO of VMware.

2016: Dell acquires EMC, bringing their own cloud server unit to the company and making the VMware Workstation redundant. In response, VMware executives announce mass layoffs, including all US-based developers working on the Workstation product.

2017: Glassdoor ranks VMware as the third highest-paying company in the US.

2021: Dell announces that it would sell off its remaining stake in the company, effectively de-merging the two companies. As a consequence of the decisionGenslinger resigns as CEO and is replaced by Raghu Raghuram, a long-time executive at the company.

2022: Broadcom announces it will acquire VMware for $61 billion. Antitrust regulators for the UK and the US announce investigations into the purchase.

2023: Hackers infiltrate VMware’s servers using the Log4Shell vulnerability, impacting thousands of customers.

Related stories:

📦 The FTC is preparing a wide-ranging antitrust lawsuit against Amazon

💰Activision Blizzard was fined $35 million for neglecting employee complaints

📱The ongoing big tech antitrust cases to watch in 2023

Read More