• 𝕸𝖔𝖘𝖘@infosec.pub
      link
      fedilink
      English
      arrow-up
      2
      ·
      16 hours ago

      Cybersecurity researchers have shed light on a Linux variant of a relatively new ransomware strain called Helldown, suggesting that the threat actors are broadening their attack focus.

      “Helldown deploys Windows ransomware derived from the LockBit 3.0 code,” Sekoia said in a report shared with The Hacker News. “Given the recent development of ransomware targeting ESX, it appears that the group could be evolving its current operations to target virtualized infrastructures via VMware.”

      Basically, it was historically a windows malware, and it has expanded its attack surface to include Linux.