Malicious Actors Distribute Trojanized KeePass Versions Leading to ESXi Ransomware Attacks

Malicious actors have been distributing trojanized versions of the KeePass password manager for at least eight months. These malicious versions install Cobalt Strike beacons, steal credentials, and ultimately deploy ransomware on the compromised network. The attacks specifically target ESXi environments. The impacts include network compromise and ransomware deployment.