Cybersecurity researchers have shed light on a Linux variant of a relatively new ransomware strain called Helldown, suggesting that the threat actors are broadening their attack focus.
“Helldown deploys Windows ransomware derived from the LockBit 3.0 code,” Sekoia said in a report shared with The Hacker News. “Given the recent development of ransomware targeting ESX, it appears that the group could be evolving its current operations to target virtualized infrastructures via VMware.”
Basically, it was historically a windows malware, and it has expanded its attack surface to include Linux.
What is exactly is “expands” in this context? Like, isnt it a bunch of different ways to encrypt a filesystem in AES-256 or am I thinking simplistic?
Basically, it was historically a windows malware, and it has expanded its attack surface to include Linux.