RTM Locker is now the most recent enterprise-targeting ransomware operation found to be using a Linux encryptor to target virtual machines on VMware ESXi systems. The RTM (Read The Manual) cybercrime group, which is well-known for disseminating a unique banking virus designed to steal money from victims, has been engaged in financial fraud since at least 2015.
Read full article on Heimdal Security Blog