CISA supplies ESXi Args Recover tool for data recovery
During the severe cyber attacks on thousands of older, unpatched VMare ESXi servers, many virtual machines were infected and encrypted with the ESXiArgs ransomware. ESXiArgs-Recover is a CISA tool that has already been able to recover data in some cases. CISA is aware that some companies have reported successful file recovery without paying a ransom. CISA compiled this tool based on publicly available resources, including a tutorial by Enes Sonmez and Ahmet Aykac. This tool reconstructs virtual machine metadata from virtual disks that were not encrypted by the malware….