A recent article on SecureList spotlighted two relatively new ransomware strains specifically targeting Windows, Linux, and ESXi systems. Luna was brought to light by Kaspersky’s Darknet Threat Intelligence monitoring system, which discovered a new ad on a darknet ransomware forum. The malware is written in Rust and, according to SecureList, is pretty simple but uses an atypical encryption approach for ransomware schemes.
The article suggests that Russian actors may be behind this new threat, with the darknet ad stating that Luna only works with Russian-speaking affiliates. Luna also substantiates that the trend for cross-platform ransomware is real, with today’s ransomware cybercriminals relying heavily on languages like Golang and Rust. Rust was also used to write BlackCat ransomware, available to hackers as ransomware as a service.
SecureList explains that Black Basta, first noted in February of this year, has matured with new functionality, including starting up the system in safe mode before encryption and mimicking Windows Services to enable persistence. Attacks have been reported worldwide.
We’ll update this post as more information becomes available.
To learn how you can be confident you can recover from any ransomware attack, talk to an expert Arcserve technology partner. Check out our on-demand demos to learn more about Arcserve ransomware protection solutions.
You May Also Like
- Backup and Disaster Recovery Channel: MSPs / VARs / SIs Compliance Cybersecurity Data Protection Ransomware
DCIG Offers “Safe Assumptions” About Microsoft 365 SaaS Backup: How Arcserve Stacks UpMarch 23rd, 2023
- Channel: MSPs / VARs / SIs
MSPs: 4 Surefire Ways to Attract New Customers (and Keep Current Customers Happy)March 22nd, 2023
- Cybersecurity Data Protection Data Resilience
Researchers Use ChatGPT AI-Powered Malware to Evade Endpoint Detection and Response FiltersMarch 21st, 2023