Security News > 2022 > November > New RansomExx Ransomware Variant Rewritten in the Rust Programming Language
The operators of the RansomExx ransomware have become the latest to develop a new variant fully rewritten in the Rust programming language, following other strains like BlackCat, Hive, and Luna.
RansomExx, also known as Defray777 and Ransom X, is a ransomware family that's known to be active since 2018.
Once executed, the ransomware recursively goes through each of the specified directories, followed by enumerating and encrypting the files using the AES-256 algorithm.
The development illustrates a new trend where a growing number of malicious actors are building malware and ransomware with lesser-known programming languages like Rust and Go, which not only offer increased cross-platform flexibility but can also evade detection.
"RansomExx is yet another major ransomware family to switch to Rust in 2022," Hammond explained.
"While these latest changes by RansomExx may not represent a significant upgrade in functionality, the switch to Rust suggests a continued focus on the development and innovation of the ransomware by the group, and continued attempts to evade detection."