Linux Variant of REvil Ransomware Targets VMware’s ESXi, NAS Devices
#1
Information 
Quote:Cybercriminals behind a string of high-profile ransomware attacks, including one extorting $11 million from JBS Foods last month, have ported their malware code to the Linux operating system. The unusual move is an attempt to target VMware’s ESXi virtual machine management software and network attached storage (NAS) devices that run on the Linux operating system (OS).
 
Researchers at AT&T Cybersecurity said they have confirmed four Linux samples of the REvil malware in the wild.
 
Ofer Caspi, security researcher at Alien Labs, a division of AT&T Cybersecurity, wrote in a Thursday blog that after receiving a tip from MalwareHuntingTeam it identified the four samples.
 
“REvil ransomware authors have expanded their arsenal to include Linux ransomware, which allows them to target ESXi and NAS devices,” Caspi wrote.
 
In a nod to research by AdvIntel in early May 2021, which reported REvil’s intent to port its Windows-based ransomware to Linux, Caspi confirmed the Linux variant was spotted in May “affecting *nix systems and ESXi.”
 
“The samples are ELF-64 executables, with similarities to the Windows REvil executable, being the most noticeable among the configuration options,” he wrote.
 
Executable and Linkable Format (or ELF-64) is a standard file format for executable files within Linux and UNIX-like operating systems, according to a technical breakdown.

Read more: Linux Variant of REvil Ransomware Targets VMware’s ESXi, NAS Devices | Threatpost
[-] The following 1 user says Thank You to silversurfer for this post:
  • harlan4096
Reply


Forum Jump:


Users browsing this thread: 1 Guest(s)
[-]
Welcome
You have to register before you can post on our site.

Username/Email:


Password:





[-]
Recent Posts
Google files remedies proposal in DOJ's ...
The U.S. Departmen...harlan4096 — 09:48
PowerToys 0.87.1
PowerToys 0.87.1 ...harlan4096 — 09:46
GFYI [Official] EaseUS Christmas 2024 B...
Merry Christmas and ...zevish — 08:07
AirVPN Christmas Sale 2024!
AirVPN CHRISTMAS SAL...jasonX — 07:52
ON1 Software
ON1 Photo RAW 2025.1...jasonX — 06:29

[-]
Birthdays
Today's Birthdays
No birthdays today.
Upcoming Birthdays
No upcoming birthdays.

[-]
Online Staff
harlan4096's profile harlan4096
Administrator

>