13 Dec
It is recommended that administrators of ESXi servers monitor for the existence of the files listed above, as well as for any content added to the local.sh file. The local.sh file could also be a good candidate for file integrity monitoring.
In addition, it would be valuable to monitor for changes to any ESXi configuration files or maintain the state of the configuration files with a configuration management platform like SaltStack, Ansible, or Puppet.
Of course, proper restrictions on incoming traffic to ESXi servers are valuable as well.
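One way to put the local.sh monitoring into practice, as an added example that is not code from the original post: a POSIX shell check that compares local.sh against a recorded SHA-256 baseline and lists any line that is not a comment, a blank line, or `exit 0`. It assumes the file lives at /etc/rc.local.d/local.sh, that a stock local.sh contains nothing else, and that `sha256sum` is available; the function names and sample content are constructed for illustration.

```shell
#!/bin/sh
# Added example: integrity check for an ESXi local.sh startup script.
# Assumption: a stock local.sh holds only comments, blank lines and "exit 0".
# Assumption: on a real host the target is /etc/rc.local.d/local.sh.

# Print (with line numbers) every line that is not blank, a comment, or "exit 0".
unexpected_lines() {
    grep -n -v -E '^[[:space:]]*(#.*)?$|^[[:space:]]*exit[[:space:]]+0[[:space:]]*$' "$1"
}

# Record a known-good SHA-256 for the file.
write_baseline() {   # usage: write_baseline FILE BASELINE
    sha256sum "$1" | awk '{print $1}' > "$2"
}

# Return 0 if unchanged, 1 if the hash differs, 2 if file or baseline is missing.
check_integrity() {  # usage: check_integrity FILE BASELINE
    [ -r "$1" ] && [ -r "$2" ] || { echo "MISSING: $1 or $2"; return 2; }
    current=$(sha256sum "$1" | awk '{print $1}')
    if [ "$current" = "$(cat "$2")" ]; then
        echo "OK: $1"
        return 0
    fi
    echo "CHANGED: $1 (sha256 $current)"
    unexpected_lines "$1" | sed 's/^/  added> /'
    return 1
}

# Demo on constructed sample content (not taken from a real host).
demo() {
    dir=$(mktemp -d)
    printf '#!/bin/sh\n# local configuration options\n\nexit 0\n' > "$dir/local.sh"
    write_baseline "$dir/local.sh" "$dir/local.sh.sha256"
    check_integrity "$dir/local.sh" "$dir/local.sh.sha256"
    # Simulate a later change: one constructed line inserted before "exit 0".
    printf '#!/bin/sh\n# local configuration options\necho constructed-line\nexit 0\n' \
        > "$dir/local.sh"
    status=0
    check_integrity "$dir/local.sh" "$dir/local.sh.sha256" || status=$?
    rm -rf "$dir"
    return "$status"
}
demo || true
```

Keep the baseline file off the ESXi host, or on read-only media, so that whoever modifies local.sh cannot rewrite the baseline as well.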
https://www.bleepingcomputer.com/news/security/new-python-malware-backdoors-vmware-esxi-servers-for-remote-access/

