Security News > 2021 > October > Hive ransomware now encrypts Linux and FreeBSD systems
The Hive ransomware gang now also encrypts Linux and FreeBSD using new malware variants specifically developed to target these platforms.
The ransomware's Linux version also fails to trigger the encryption if executed without root privileges because it attempts to drop the ransom note on compromised devices' root file systems.
They're just one of many ransomware gangs that have begun targeting Linux servers after their enterprise targets have slowly migrated to virtual machines for easier device management and more efficient use of resources.
In June, researchers spotted a new REvil ransomware Linux encryptor designed to target VMware ESXi virtual machines, a popular enterprise virtual machine platform.
Emsisoft CTO Fabian Wosar told BleepingComputer that other ransomware groups, such as Babuk, RansomExx/Defray, Mespinoza, GoGoogle, DarkSide, and Hellokitty have also created their own Linux encryptors.
"The reason why most ransomware groups implemented a Linux-based version of their ransomware is to target ESXi specifically," Wosar said.