CySecurity News – Latest Information Security and Hacking Incidents
The SFile ransomware, also known as Escal, has been ported to work and encrypt data on Linux-based operating systems by its developers.
Attacks with this new Linux edition were discovered late last year, according to a report published last week by Chinese security firm Rising, which was substantiated by The Record with MalwareHunterTeam, one of the developers of the ID-Ransomware project.
In February 2020, the SFile (Escal) ransomware was first observed in assaults. The first versions were exclusively designed to encrypt Windows systems. The ransomware has been deployed in targeted assaults against corporate and government networks for the previous two years.
SFile is typically used in these attacks to encrypt data and leave a ransom note instructing victims to contact the attackers via one of three emails and negotiate a ransom for the decryption key.
A SFile Linux variation was discovered late last year, following a typical trend in the ransomware ecosystem where groups have developed Linux versions of their payloads, with an encryption strategy identical to its original Windows variant but with a few modifications.
The option to encrypt data depending on a time range, according to MalwareHunterTeam, was the most intriguing of these—as a way to encrypt current files, which may be more important for some victims and a
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
Read the original article: