Ransomware gang uses SSH tunnels for stealthy VMware ESXi access www.bleepingcomputer.com/news/secu…

Ransomware actors targeting ESXi bare metal hypervisors are leveraging SSH tunneling to persist on the system while remaining undetected.

VMware ESXi appliances have a critical role in virtualized environments as they can run on a single physical server multiple virtual machines of an organization.

They are largely unmonitored and have been a target for hackers looking to access corporate networks where they can steal data and encrypt files, thus crippling an entire business by rendering all virtual machines inaccessible.