Security News > 2020 > November > RansomEXX trojan variant is being deployed against Linux systems, warns Kaspersky

RansomEXX trojan variant is being deployed against Linux systems, warns Kaspersky
2020-11-09 17:12

A trojan targeting Linux and deployed by a known ransomware gang has been discovered by Russian antivirus firm Kaspersky.

The trojan was, so the two said, similar to the existing RansomEXX trojan, which they said had been deployed only last week against Brazil's courts, as well as targets in the US and elsewhere.

RansomEXX's Linux variant contains few or no functions used by other ransomware families, containing no command-'n'-control server phone-home functionality or anti-analysis "Tricks".

Potentially this is because the ransomware is, well, ransomware; once deployed its presence is obvious to users and network admins alike because everything stops working, except for ransom notes demanding payment for decryption.

"Basic" ransomware attacks are typically deployed by an attacker who compromises a network well in advance, such as in Finland in October, where a psychotherapy clinic's patients had clinical notes stolen and published online.


News URL

https://go.theregister.com/feed/www.theregister.com/2020/11/09/linux_ransomware_kaspersky/

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Linux 11 64 2532 1569 67 4232
Kaspersky 23 0 19 16 6 41