REvil’s new Linux version

This blog was jointly authored with Ofer Caspi.
Executive summary
The ransomware-as-a-service (RaaS) operation behind REvil have become one of the most prolific and successful threat groups since the ransomware first appeared in May 2019. REvil has been primarily used to target Windows systems. However, new samples have been identified targeting Linux systems. AT&T Alien Labs™ is closely monitoring the ransomware landscape and has already identified four of these samples in the wild during the last month, after receiving a tip from MalwareHuntingTeam. The purpose of this blog is to share recent findings and a summary of the adversary, malware family, and detection options.
Key Takeaways:
REvil ransomware authors have expanded their arsenal to include Linux ransomware, which allows them to target ESXi and NAS devices.
The new Linux version has similarities to the Windows version, which has impacted companies such as JBS, Acer, and…

Posted by: Fernando Martinez

Read full post

      

The post REvil’s new Linux version appeared first on Cybersecurity Insiders.

July 01, 2021 at 09:09PM

Posted in: Cyber Security, Cybersecurity Insiders, Hacking, Hacking Articles, Hacking News, Security