Security News > 2023 > March > IceFire Ransomware Exploits IBM Aspera Faspex to Attack Linux-Powered Enterprise Networks
A previously known Windows-based ransomware strain known as IceFire has expanded its focus to target Linux enterprise networks belonging to several media and entertainment sector organizations across the world.
The intrusions entail the exploitation of a recently disclosed deserialization vulnerability in IBM Aspera Faspex file-sharing software, according to cybersecurity company SentinelOne.
"This strategic shift is a significant move that aligns them with other ransomware groups that also target Linux systems," Alex Delamotte, senior threat researcher at SentinelOne, said in a report shared with The Hacker News.
The ransomware binary targeting Linux is a 2.18 MB 64-bit ELF file that's installed on CentOS hosts running a vulnerable version of IBM Aspera Faspex file server software.
"In comparison to Windows, Linux is more difficult to deploy ransomware against-particularly at scale," Delamotte said.
The development comes as Fortinet FortiGuard Labs disclosed a new LockBit ransomware campaign employing "Evasive tradecraft" to avoid detection through.
News URL
https://thehackernews.com/2023/03/icefire-linux-ransomware.html
Related news
- PipeMagic Trojan Exploits Windows Zero-Day Vulnerability to Deploy Ransomware (source)
- Sensata Technologies hit by ransomware attack impacting operations (source)
- Ransomware attack cost IKEA operator in Eastern Europe $23 million (source)
- Kidney dialysis firm DaVita hit by weekend ransomware attack (source)
- New BPFDoor Controller Enables Stealthy Lateral Movement in Linux Server Attacks (source)
- Ahold Delhaize confirms data theft after INC ransomware claims attack (source)
- Interlock ransomware gang pushes fake IT tools in ClickFix attacks (source)
- Linux 'io_uring' security blindspot allows stealthy rootkit attacks (source)
- Interlock ransomware claims DaVita attack, leaks stolen data (source)
- Craft CMS RCE exploit chain used in zero-day attacks to steal data (source)