Related Families: Mandibule, Cobalt Strike, Trochilus, RedLeaves
Verticals Targeted: Government
The China-nexus threat actor group Earth Lusca was observed using a Linux-based backdoor dubbed SprySOCKS to target government entities.
Related Families: Conti
Verticals Targeted: Legal, Government
Related Families: Royal
BlackSuit ransomware targets both Windows and Linux systems and bears a striking resemblance to Royal ransomware.
Verticals Targeted: Gambling
Trend Micro recently reported on a new Linux variant of Emissary Panda’s SysUpdate. SysUpdate is one of Emissary Panda’s custom tools.
Verticals Targeted: IT, Financial, Materials, Healthcare, Food Production
Trend Micro recently reported on a new Linux variant of Royal ransomware that targets Linux systems and ESXi servers. Royal ransomware is yet another contender among the many ransomware families now targeting Linux systems.
Verticals Targeted: Education, Various
SentinelLabs recently reported on a newly discovered Linux variant of Cl0p ransomware. The Linux variant is similar to the Windows variant but uses flawed encryption logic.
Related Malware: Babuk
Verticals Targeted: Multiple
Industry researchers recently reported on ESXiArgs ransomware, which targeted VMware ESXi servers around the globe. After CISA released a recovery script, the threat actors behind ESXiArgs distributed a new variant of the ransomware.