esxiargs

Ransomware Group Profile

Overview

ESXiArgs is a ransomware campaign that emerged in February 2023, targeting VMware ESXi servers by exploiting the CVE-2021-21974 vulnerability. It encrypts virtual machine configuration files (.vmdk, .vmx, .vmxf, .vmsd, .vmsn, .vswp, .vmss, .nvram, .vmem) rendering VMs inaccessible. The campaign compromised thousands of unpatched servers globally, primarily affecting European organizations. A decryptor was later released by CISA and FBI.

Activity Timeline
First SeenUnknown
Last SeenUnknown
Leak Sites0
Quick Actions
View All GroupsThreat Actors
Agentic AI · Pentesting

Ready for Agentic Automated Testing?

Deploy autonomous AI agents that reason, exploit, and validate complex vulnerability chains — not another scanner, an agentic system that thinks like a senior pentester.

Zero false positives
PoC for every finding
30+ tools orchestrated
Book a DemoLearn More
Setup in 5 minutesSOC 2 & ISO 27001