You must log in or # to comment.
The article makes precious little mention of how exactly they got on to the FreeBSD systems.
I’ve seen this done on VMware personally. They most likely pivoted from another system on that network with a RAT. Here’s bleeping computer article instead: https://www.bleepingcomputer.com/news/security/meet-interlock-the-new-ransomware-targeting-freebsd-servers/