{"id":2494,"date":"2025-07-08T20:38:10","date_gmt":"2025-07-08T18:38:10","guid":{"rendered":"https:\/\/www.apvnorge.no\/bert-ransomware-forcibly-shut-down-esxi-virtual-machines-to-disrupt-recovery\/"},"modified":"2025-07-08T20:38:10","modified_gmt":"2025-07-08T18:38:10","slug":"bert-ransomware-forcibly-shut-down-esxi-virtual-machines-to-disrupt-recovery","status":"publish","type":"post","link":"https:\/\/www.apvnorge.no\/cz\/bert-ransomware-forcibly-shut-down-esxi-virtual-machines-to-disrupt-recovery\/","title":{"rendered":"BERT Ransomware Forcibly Shut Down ESXi Virtual Machines to Disrupt Recovery"},"content":{"rendered":"<div id=\"apvno-1342837523\" class=\"apvno-before-content apvno-entity-placement\"><script async src=\"\/\/pagead2.googlesyndication.com\/pagead\/js\/adsbygoogle.js?client=ca-pub-7003427967427457\" crossorigin=\"anonymous\"><\/script><ins class=\"adsbygoogle\" style=\"display:inline-block;width:970px;height:250px;\" \ndata-ad-client=\"ca-pub-7003427967427457\" \ndata-ad-slot=\"6272152047\"><\/ins> \n<script> \n(adsbygoogle = window.adsbygoogle || []).push({}); \n<\/script>\n<\/div>\n<p>New ransomware group employs advanced virtualization attack tactics to maximize damage and hinder organizational recovery efforts.<\/p>\n\n\n\n<p>A newly emerged ransomware group known as&nbsp;<a href=\"https:\/\/cybersecuritynews.com\/bert-ransomware-upgrades-to-attacks-linux-machines\/\" target=\"_blank\" rel=\"noreferrer noopener\">BERT<\/a>&nbsp;has introduced a particularly disruptive capability that sets it apart from traditional ransomware operations: the ability to forcibly terminate ESXi virtual machines before encryption, significantly complicating recovery efforts for targeted organizations.&nbsp;<\/p>\n\n\n\n<p>First observed in April 2025, BERT (tracked by Trend Micro as Water Pombero) has quickly established itself as a serious threat to virtualized environments across Asia, Europe, and the United States.<\/p>\n\n\n\n<p>\u2026<\/p>\n\n\n\n<p><a href=\"https:\/\/share.google\/KsswjV2ejJhjNApcV\">https:\/\/share.google\/KsswjV2ejJhjNApcV<\/a><\/p>\n<div id=\"apvno-1563074554\" class=\"apvno-after apvno-entity-placement\"><script>\r\n_adsys_id = 33949;\r\n_adsys_size = 1;\r\n<\/script>\r\n<script src=\"https:\/\/d.wedosas.net\/d.js\"><\/script>    \r\n<\/br>\r\n<div>\r\n<script async src=\"https:\/\/pagead2.googlesyndication.com\/pagead\/js\/adsbygoogle.js\"><\/script>\r\n<!-- AD-4 -->\r\n<ins class=\"adsbygoogle\"\r\n     style=\"display:inline-block;width:970px;height:250px\"\r\n     data-ad-client=\"ca-pub-7003427967427457\"\r\n     data-ad-slot=\"6272152047\"><\/ins>\r\n<script>\r\n     (adsbygoogle = window.adsbygoogle || []).push({});\r\n<\/script><\/div>\r\n<a href=\"https:\/\/affiliates.ssl.com\/820-3-1-13.html\" target=\"_blank\"><img data-recalc-dims=\"1\" loading=\"lazy\" decoding=\"async\" style=\"border:0px\" src=\"https:\/\/i0.wp.com\/affiliates.ssl.com\/media\/banners\/SSL-banner-UC-certificate-2-v5.png?resize=640%2C79&#038;ssl=1\" width=\"640\" height=\"79\" alt=\"Microsoft Exchange SAN UCC SSL\"><\/a><\/div>","protected":false},"excerpt":{"rendered":"<p>New ransomware group employs advanced virtualization attack tactics to maximize damage and hinder organizational recovery efforts. A newly emerged ransomware group known as&nbsp;BERT&nbsp;has introduced a particularly disruptive capability that sets it apart from traditional ransomware operations: the ability to forcibly terminate ESXi virtual machines before encryption, significantly complicating recovery efforts for targeted organizations.&nbsp; First observed [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"om_disable_all_campaigns":false,"_exactmetrics_skip_tracking":false,"_exactmetrics_sitenote_active":false,"_exactmetrics_sitenote_note":"","_exactmetrics_sitenote_category":0,"_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"_uf_show_specific_survey":0,"_uf_disable_surveys":false,"jetpack_post_was_ever_published":false,"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_publicize_message":"","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":true,"jetpack_social_options":{"image_generator_settings":{"template":"highway","default_image_id":0,"font":"","enabled":false},"version":2}},"categories":[44],"tags":[71,34],"class_list":["post-2494","post","type-post","status-publish","format-standard","hentry","category-hackers","tag-esxi","tag-linux"],"translation":{"provider":"WPGlobus","version":"3.0.2","language":"cz","enabled_languages":["en","no","cz"],"languages":{"en":{"title":true,"content":true,"excerpt":false},"no":{"title":false,"content":false,"excerpt":false},"cz":{"title":false,"content":false,"excerpt":false}}},"aioseo_notices":[],"jetpack_publicize_connections":[],"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/p9T0bk-Ee","jetpack-related-posts":[],"jetpack_likes_enabled":true,"amp_enabled":true,"_links":{"self":[{"href":"https:\/\/www.apvnorge.no\/cz\/wp-json\/wp\/v2\/posts\/2494","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.apvnorge.no\/cz\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.apvnorge.no\/cz\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.apvnorge.no\/cz\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.apvnorge.no\/cz\/wp-json\/wp\/v2\/comments?post=2494"}],"version-history":[{"count":0,"href":"https:\/\/www.apvnorge.no\/cz\/wp-json\/wp\/v2\/posts\/2494\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.apvnorge.no\/cz\/wp-json\/wp\/v2\/media?parent=2494"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.apvnorge.no\/cz\/wp-json\/wp\/v2\/categories?post=2494"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.apvnorge.no\/cz\/wp-json\/wp\/v2\/tags?post=2494"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}