Analyze suspicious files and URLs, at scale, millions of times per day. Get real-time threat intel from a crowdsourced network of security experts and antivirus companies competing to protect you.
Mar 3, 2023 1:25:10 PM / by The Hivemind posted in Threat Bulletin, Ransomware, Linux, Royal
Verticals Targeted: IT, Financial, Materials, Healthcare, Food Production
Trend Micro recently reported on a new Linux variant of Royal ransomware that targets Linux systems and ESXi servers. Royal ransomware is yet another contender among the many ransomware families now targeting Linux systems.
Feb 28, 2023 12:53:32 PM / by The Hivemind posted in Threat Bulletin, Ransomware, Linux, Cl0p
Verticals Targeted: Education, Various
Executive Summary
SentinelLabs recently reported on a newly discovered Linux variant of Cl0p ransomware. The Linux variant is similar to the Windows variant but uses a flawed encryption logic.
Feb 21, 2023 1:20:39 PM / by The Hivemind posted in Threat Bulletin, Ransomware, Linux, ESXiArgs, Babuk, CVE-2021-21974
Related Malware: Babuk
Verticals Targeted: Multiple
Executive Summary
Industry researchers recently reported on ESXiArgs ransomware, which targeted VMware ESXi servers around the globe. After CISA released a recovery script, the threat actors behind ESXiArgs distributed a new variant of the ransomware.
Key Takeaways
Oct 3, 2022 3:59:17 PM / by PolySwarm Tech Team posted in Threat Bulletin, Linux, Backdoor, SparklingGoblin, SideWalk
Related Families: Specter RAT, SideWalk (Windows)
Verticals Targeted: Education
Executive Summary
ESET recently reported on a SideWalk Linux variant. SideWalk is a backdoor used by the SparklingGoblin threat actor group.
Sep 15, 2022 1:51:05 PM / by PolySwarm Tech Team posted in Threat Bulletin, Linux, Shikitega, CVE-2021-4034, CVE-2021-3493
Executive Summary
In our 2021 Year in Review, we predicted a rise in Linux malware for 2022. AT&T Alien Labs recently reported on Shikitega, a new Linux malware with stealth capabilities.
Key Takeaways
Sep 12, 2022 1:45:13 PM / by PolySwarm Tech Team posted in Threat Bulletin, Ransomware, Linux, DarkAngels
Related families: Babuk
Executive Summary
Uptycs recently reported on a new DarkAngels Linux ransomware variant that appears to still be in development.
Sep 1, 2022 12:30:19 PM / by PolySwarm Tech Team posted in Threat Bulletin, Linux, Lightning Framework
Executive Summary
Intezer recently reported on Lightning Framework, a Linux malware with modular plugins and the ability to install rootkits.
Key Takeaways
Aug 22, 2022 3:09:40 PM / by PolySwarm Tech Team posted in Threat Bulletin, Linux, IoT, SSH, Mirai, RapperBot
Executive Summary
FortiGuard Labs recently reported on RapperBot, a malware family with a built-in capability to brute force credentials and gain access to SSH servers.