From bleepingcomputer.com
Researchers observed a new Linux variant of the TargetCompany ransomware family that targets VMware ESXi environments using a custom shell script to deliver and execute payloads.
Also known as Mallox, FARGO, and Tohnichi, the TargetCompany ransomware operation emerged in June 2021 and has been focusing on database attacks (MySQL, Oracle, SQL Server) against organizations mostly in Taiwan, South Korea, Thailand, and India.
In February 2022, antivirus firm Avast announced the availability of a free decryption tool that covered variants released up to that date. By September, though, the gang bounced back into regular activity targeting vulnerable Microsoft SQL servers and threatened victims with leaking stolen data over Telegram.