Home > Cyber News > New Luna Ransomware Targets Windows, Linux, and ESXi Systems
CYBER NEWS

New Luna Ransomware Targets Windows, Linux, and ESXi Systems

by   |  Last Update:  |  0 Comments  

New Luna Ransomware Targets Windows, Linux, and ESXi Systems

Security researchers reported the discovery of a new cross-platform ransomware strain coded to target Windows, Linux, and ESXi systems.

Meet the New Cross-Platform Luna Ransomware

Discovered by Kaspersky’s Darknet Threat Intelligence monitoring system, the so-called Luna ransomware is advertised on a darknet ransomware forum. Called Luna, the malware is written in Rust and is “fairly simple” judging by the available command line options. However, its encryption scheme is different as it involves the use of x25519 and AES, a combination not often encountered in ransomware campaigns.

“Both the Linux and ESXi samples are compiled using the same source code with some minor changes from the Windows version. For example, if the Linux samples are executed without command line arguments, they will not run. Instead, they will display available arguments that can be used,” Kaspersky said.

According to the darknet forum advertisement, Luna currently works only with Russian-speaking affiliates, and the researchers believe that the ransomware creators are also Russian.

The emergence of this new ransomware confirms the trend of cross-platform malware and ransomware, as well as the use of languages such as Golang and Rust. Another example is the BlackCat ransomware discovered last winter. The ransomware group was the first to use Rust in a malicious sample that was used in the wild.

Another example of ransomware that targets more than one operating system is HelloXD which has been carrying out double extortion attacks since November 2021.

The ransomware has multiple variants that impact both Windows and Linux systems. What distinguishes HelloXD from other, similar ransomware families is the fact that it doesn’t feature a leak site. Instead, it redirects victims to negotiate via the Tox (a p2p instant messaging protocol used by other ransomware, too) chat and onion-based messengers.

Milena Dimitrova

An inspired writer and content manager who has been with SensorsTechForum since the project started. A professional with 10+ years of experience in creating engaging content. Focused on user privacy and malware development, she strongly believes in a world where cybersecurity plays a central role. If common sense makes no sense, she will be there to take notes. Those notes may later turn into articles! Follow Milena @Milenyim

More Posts

Follow Me:
Twitter

Related posts:
  1. Top 15 Linux Security Questions You Didn’t Know You Had Beginner Linux administrators and users should know that even though...
  2. The Best Linux Server Distributions in 2017 Gnu/Linux is one of the leading server operating systems due...
  3. GwisinLocker Ransomware Targets Windows and Linux in Attacks against Companies GwisinLocker is a new ransomware family targeting South Korean industrial...
  4. Top Security and Privacy Linux Distributions in 2019 There are many specialist Linux distributions that are designed with...
  5. Agenda Ransomware Written in Rust Targets Critical Infrastructure According to cybersecurity reports, a new variant of the recently...
  6. The 10 Best Methods on How to Improve Linux Security This blog post is created in order to help you...
  7. How to Use Linux on a Windows Computer (Tutorial) Linux. On Windows. It sounds like something straight out of...
  8. CVE-2022-21658: High Severity Vulnerability in Rust Language A new high severity vulnerability in the Rust programming language...

Leave a Comment

Your email address will not be published. Required fields are marked *

This website uses cookies to improve user experience. By using our website you consent to all cookies in accordance with our Privacy Policy.
I Agree