
June 21, 2024

VMware ESXi Under Siege: RansomHub Targets Linux in New Wave of Attacks

 

The RansomHub ransomware-as-a-service operation has deployed a new Linux encryptor in attacks against VMware ESXi environments, reports BleepingComputer.

Believed to be based on the discontinued Knight ransomware, RansomHub’s Linux encryptor not only supports configuration decryption and execution delays but also allows logging of additional progress information to the console, snapshot removal, and virtual machine shutdown, according to a report from Recorded Future’s Insikt Group.

RansomHub for Linux has also been thwarting detection by deactivating several critical services, including syslog, and enabling self-deletion, said researchers, who noted the encryptor’s use of ChaCha20 and Curve25519 encryption for public and private key generation.

Organizations looking to neutralize RansomHub for Linux attacks on their VMware ESXi environments have been urged to add ‘-1’ to their systems’ ‘/tmp/app.pid’ file, which would leave the encryptor in an endless loop of trying to end a nonexistent process.
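
One way to keep that guard value in place, shown as an added example that is not part of the original report: a POSIX shell function that writes ‘-1’ to the file and reports whether it was missing, already set, or held something else. The function name, the status words and the `--apply` switch are assumptions of this example; only the path and the value come from the text above.

```shell
#!/bin/sh
# Added example: keep the '-1' guard value in /tmp/app.pid.
# The path and value are the ones named in the article; everything else
# (function name, status words, --apply switch) is hypothetical.

GUARD_VALUE="-1"

# ensure_pid_guard [FILE]
# Prints one status word on stdout:
#   present  - FILE already holds the guard value, nothing was changed
#   created  - FILE was missing and has been written
#   replaced - FILE held other content, which is reported on stderr
#   error    - FILE could not be written safely
ensure_pid_guard() {
    file="${1:-/tmp/app.pid}"

    # /tmp is world-writable: do not follow a symlink planted at this path.
    if [ -L "$file" ]; then
        echo "refusing: $file is a symlink" >&2
        echo "error"
        return 1
    fi

    if [ -f "$file" ]; then
        current="$(tr -d '[:space:]' < "$file" 2>/dev/null)"
        if [ "$current" = "$GUARD_VALUE" ]; then
            echo "present"
            return 0
        fi
        # Other content (for example a PID) deserves a closer look.
        echo "note: $file held '$current' before it was overwritten" >&2
        printf '%s\n' "$GUARD_VALUE" > "$file" || { echo "error"; return 1; }
        echo "replaced"
        return 0
    fi

    printf '%s\n' "$GUARD_VALUE" > "$file" || { echo "error"; return 1; }
    echo "created"
}

# Only touch the real file when explicitly asked to.
if [ "${1:-}" = "--apply" ]; then
    ensure_pid_guard
fi
```

On ESXi, /tmp is held in memory and does not survive a reboot, so the check has to be re-run after each boot.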

Such findings come more than a month after a report on the group’s Windows and Linux encryptor.


