Linux Variant of REvil Ransomware Targets VMware’s ESXi, NAS Devices
#1
Information 
Quote:Cybercriminals behind a string of high-profile ransomware attacks, including one extorting $11 million from JBS Foods last month, have ported their malware code to the Linux operating system. The unusual move is an attempt to target VMware’s ESXi virtual machine management software and network attached storage (NAS) devices that run on the Linux operating system (OS).
 
Researchers at AT&T Cybersecurity said they have confirmed four Linux samples of the REvil malware in the wild.
 
Ofer Caspi, security researcher at Alien Labs, a division of AT&T Cybersecurity, wrote in a Thursday blog that after receiving a tip from MalwareHuntingTeam it identified the four samples.
 
“REvil ransomware authors have expanded their arsenal to include Linux ransomware, which allows them to target ESXi and NAS devices,” Caspi wrote.
 
In a nod to research by AdvIntel in early May 2021, which reported REvil’s intent to port its Windows-based ransomware to Linux, Caspi confirmed the Linux variant was spotted in May “affecting *nix systems and ESXi.”
 
“The samples are ELF-64 executables, with similarities to the Windows REvil executable, being the most noticeable among the configuration options,” he wrote.
 
Executable and Linkable Format (or ELF-64) is a standard file format for executable files within Linux and UNIX-like operating systems, according to a technical breakdown.

Read more: Linux Variant of REvil Ransomware Targets VMware’s ESXi, NAS Devices | Threatpost
[-] The following 1 user says Thank You to silversurfer for this post:
  • harlan4096
Reply


Forum Jump:


Users browsing this thread: 1 Guest(s)
[-]
Welcome
You have to register before you can post on our site.

Username/Email:


Password:





[-]
Recent Posts
Microsoft Defender Antivirus security in...
September-2025 (Pl...harlan4096 — 09:38
UltraSearch 4.8.4
Version 4.8.4 1...harlan4096 — 09:35
Brave 1.83.120
Release Channel 1....harlan4096 — 09:34
Meta launches new anti-scam tools for Wh...
Meta has announced...harlan4096 — 09:33
YouTube is adding an option to limit the...
YouTube is rolling...harlan4096 — 09:28

[-]
Birthdays
Today's Birthdays
avatar (38)Mblippek
Upcoming Birthdays
avatar (47)Michaelaceve
avatar (37)QuadirLigh
avatar (44)viecontAceve

[-]
Online Staff
There are no staff members currently online.

>