HackDig : Dig high-quality web security articles

Experts warn of attacks using a new Linux variant of SFile ransomware

2022-01-17 06:24

The operators of the SFile ransomware (aka Escal) have developed a Linux version of their malware to expand their operations.

SFile ransomware (aka Escal), has been active since 2020, it was observed targeting only Windows systems. Some variants of the ransomware append the English name of the target company to the filenames of the encrypted files.

Recently, the Chinese security firm Rising detected a Linux variant of the SFile ransomware that uses the RSA+AES algorithm mode.

“For example, the variant captured this time uses nuctech-gj0okyci (nuctech is the English name of Nuctech Technology Co., Ltd.) as the suffix name. Recently, Rising captured the Linux platform variant of the ransomware.” reads the analysis published by Rising.

Researchers at security firm ESET discovered an SFile ransomware variant supporting the FreeBSD platform that was used in attacks against a partially state-owned company in China.

“The SFile ransomware uses the Mbed TLS library, RSA-2048 and AES-256 algorithms for file encryption. The ransomware does not have its own portal; the attackers communicate with victims via email” reported ESET.

Read:1636 | Comments:0 | Tags:Breaking News Cyber Crime Malware Cybercrime Hacking hacking

“Experts warn of attacks using a new Linux variant of SFile ransomware”0 Comments

Submit A Comment



Blog :

Verification Code:


Share high-quality web security related articles with you:)
Tell me why you support me <3