Over 2,000 Computers Infected in 24 Hours Exploiting a Two-year-old MVware Vulnerability

In early February, Mware ESXI servers around the world suffered an extensive targeted ransomware attack, exploiting a known vulnerability which was patched back in February 2021 (CVE-2021-21974).

European Authorities, including French Computer Emergency Response Team and Italy’s national cybersecurity authority (ACN), officially warned organizations worldwide against the massive attack on ESXi servers, that has soon become one of the most extensive ransomware cyberattack ever reported on non-Windows machines.

The breach represents just the latest example of hackers leveraging old vulnerabilities in widely used software: despite being conducted on a relatively small scale, the attack highlights in fact the catastrophic consequences that can result from such a breach, particularly since a significant number of software users were alerted years in advance but failed to take precautions.