Security News > 2022 > July > New Rust-based Ransomware Family Targets Windows, Linux, and ESXi Systems
Kaspersky security researchers have disclosed details of a brand-new ransomware family written in Rust, making it the third strain after BlackCat and Hive to use the programming language.
Luna, as it's called, is "Fairly simple" and can run on Windows, Linux, and ESXi systems, with the malware banking on a combination of Curve25519 and AES for encryption.
Advertisements for Luna on darknet forums suggest that the ransomware is intended for use only by Russian-speaking affiliates.
"Luna confirms the trend for cross-platform ransomware," the researchers stated, adding how the platform agnostic nature of languages like Golang and Rust are giving the operators the ability to target and attack at scale and evade static analysis.
Luna is far from the only ransomware to set its eyes on ESXi systems, what with another nascent ransomware family known as Black Basta undergoing an update last month to include a Linux variant.
This enables the ransomware to go undetected and easily lock the desired files.
News URL
https://thehackernews.com/2022/07/new-rust-based-ransomware-family.html
Related news
- JPCERT shares Windows Event Log tips to detect ransomware attacks (source)
- Use Windows event logs for ransomware investigations, JPCERT/CC advises (source)
- Windows infected with backdoored Linux VMs in new phishing attacks (source)
- New CRON#TRAP Malware Infects Windows by Hiding in Linux VM to Evade Antivirus (source)
- New 'Helldown' Ransomware Variant Expands Attacks to VMware and Linux Systems (source)