Companies first migrate to virtual machines to save money, then pay a ransom for attacks on virtual machines. The latest ransomware, “Black Basta”, is one of the fastest ones adding fuel to the burning virtual machine attacks. It encrypts ESXi VM running on enterprise Linux servers and threatens to leak sensitive data if demands are unmet. Black Basta has already exploited over 50 organizations in the United States, United Kingdom, Australia, New Zealand and Canada in the last two months.