The Abyss Locker effort is the most recent to create a Linux encryptor to attack the ESXi virtual machines platform from VMware. Akira, Royal, Black Basta, LockBit, BlackMatter, AvosLocker, REvil, HelloKitty, RansomEXX, and Hive are some further ransomware operations that use Linux ransomware encryptors, with the majority of them targeting VMware ESXi.
For improved resource management, performance, and disaster recovery, businesses are switching from individual servers to virtual machines, which has led to the development of platform-specific encryptors by ransomware gangs. Almost every ransomware gang has started to develop Linux encryptors to encrypt all virtual servers on a device, as VMware ESXi is one of the most used virtual machine platforms.