Cybersecurity researchers discovered a Linux variant of the Play ransomware known for double extortion tactics, impacting various industries worldwide. This development hints at broader attacks on the Linux platform.
The Play ransomware, utilizing methods like exfiltrating sensitive data and demanding ransom for decryption, has affected around 300 organizations, with the U.S. having the highest number of victims.
Analysis revealed the Linux variant of Play in a RAR archive along with tools used in previous attacks, implying potential similar tactics. The ransomware targets ESXi environments, encrypting virtual machine files.
Collection
[
|
...
]