August 4, 2021

REvil’s new Linux version

This blog was jointly authored with Ofer Caspi.

Executive summary

The ransomware-as-a-service (RaaS) operation behind REvil has become one of the most prolific and successful threat groups since the ransomware first appeared in May 2019. REvil has been primarily used to target Windows systems. However, new samples have been identified targeting Linux systems. AT&T Alien Labs™ is closely monitoring the ransomware landscape and has already identified four of these samples in the wild during the last month, after receiving a tip from MalwareHuntingTeam. The purpose of this blog is to share recent findings and a summary of the adversary, malware family, and detection options.

Key Takeaways:
REvil ransomware authors have expanded their arsenal to include Linux ransomware, which allows them to target ESXi and NAS devices.
The new Linux version has similarities to the Windows version, which has impacted companies such as JBS, Acer, and…

Posted by: Fernando Martinez