A multi-platform Python-based malware targeting Windows and Linux devices has now been upgraded to worm its way into Internet-exposed vCenter servers unpatched against a remote code execution vulnerability. The malware, dubbed FreakOut, is an obfuscated Python script designed to evade detection using a polymorphic engine and a user-mode rootkit that hides malicious files dropped on compromised systems. FreakOut spreads itself by exploiting a wide range of OS and apps vulnerabilities and brute-forcing passwords over SSH, adding infected devices to an IRC botnet controlled by its masters.
Source: https://www.bleepingcomputer.com/news/security/freakout-malware-worms-its-way-into-vulnerable-vmware-servers/