X/Twitter (@TrendMicroRSRCH) Jun 2024
Thread
Play Ransomware's First Linux Variant Targets ESXi
RansomwareCross-Platform
Thread announcing the discovery of a new Linux variant of Play ransomware targeting ESXi environments, marking an expansion in the group's range and impact.
Related Research
Agenda Ransomware Deploys Linux Variant on Windows Systems Through Remote Management Tools and BYOVD Techniques
Discovered Agenda ransomware deploying Linux variants on Windows systems via remote management tools and BYOVD techniques for cross-platform evasion.
RansomwareCross-Platform
Agenda Ransomware Group Adds SmokeLoader and NETXLOADER to Their Arsenal
Uncovered Agenda ransomware group adopting SmokeLoader and a new loader named NETXLOADER for improved delivery and evasion.
RansomwareDefense Evasion
New LockBit 5.0 Targets Windows, Linux, ESXi
Technical analysis of LockBit 5.0 — cross-platform ransomware with heavy obfuscation, anti-analysis, and geopolitical safeguards.
RansomwareCross-Platform
Agenda Ransomware Exploits MeshAgent and WSL for Cross-Platform Attacks
Thread on Agenda ransomware exploiting MeshAgent and Windows Subsystem for Linux (WSL) to deploy Linux payloads on Windows systems, raising the bar for cross-platform sophistication.
RansomwareCross-Platform