Bad VIB(E)s Part One: Investigating Novel Malware Persistence Within ESXi Hypervisors
released on 2022-10-03 @ 12:46:15 PM
Earlier this year, researchers identified a novel malware ecosystem impacting VMware ESXi, Linux vCenter servers, and Windows virtual machines. The ecosystem was first detected during an intrusion investigation, when the researchers identified attacker commands sourced from the legitimate VMware Tools process on a Windows virtual machine hosted on a VMware ESXi hypervisor.