New Luna Rust-based Ransomware Family Targets Windows Linux and Vmware

  • iPhone 12 End of Life: When Will Apple Stop Supporting It

    Understanding Apple’s Software Support Policy is crucial as it directly impacts the lifespan, functionality, and performance of your iPhone 12. […]

  • Microsoft Entra ID Vulnerability: A Comprehensive Analysis of Privilege Escalation Threats

    Experts continuously unearth vulnerabilities that could potentially compromise infrastructure. One such recent revelation pertains to Microsoft Entra ID, previously known […]

  • KmsdBot Malware New Threat: Enhanced Targeting of IoT Devices

    Recent findings highlight an advanced version of the botnet malware, KmsdBot, which has now pivoted its focus onto Internet of […]

Kaspersky security researchers have revealed details of a brand-new ransomware family written in Rust, making it the third strain to do so after BlackCat and Hive.

Luna, as it’s known, is “fairly simple” and can run on Linux, Windows, and VMware ESXi, using a combination of Curve25519 and AES for encryption.

Luna advertisements on darknet forums indicate that the ransomware is only intended for use by Russian-speaking affiliates. Its core developers are also thought to be Russian due to spelling errors in the text hard-coded within the malware binary.

“Both the Linux and ESXi samples are compiled using the same source code with some minor changes from the Windows version,” According to a report published today by a Russian firm.

Luna is not the only ransomware targeting ESXi systems; last month, the Black Basta ransomware family was updated to include a Linux variant.

“Luna confirms the trend for cross-platform ransomware,” the researchers said, adding that the platform-agnostic nature of languages like Golang and Rust allows operators to target and attack at scale while evading static analysis.

However, because Luna is a newly discovered criminal group whose activity is still being actively monitored, there is very little information on victimology patterns.

Black Basta is also notable for booting a Windows system in safe mode before encryption in order to exploit the fact that third-party endpoint detection solutions may not start after booting the operating system in safe mode. This allows the ransomware to remain undetected while easily locking the desired files.

“Ransomware remains a significant issue in today’s society,” the researchers said. “As soon as one family leaves the stage, another takes their place.”

LockBit, on the other hand, remains one of 2022’s most active ransomware gangs, frequently utilizing RDP access to enterprise networks to create a Group Policy that terminates running processes and disables backup services while executing the ransomware payload

“LockBit’s success is also due to its developers and affiliate’s continued evolution of features and tactics, which include the malware’s fast encryption speed, ability to target both Windows and Linux machines, its brash recruitment drives, and high-profile targets,” According to a report from the Symantec Threat Hunter Team, which is part of Broadcom Software.

24 thoughts on “New Luna Rust-based Ransomware Family Targets Windows Linux and Vmware”

  1. I am currently writing a paper and a bug appeared in the paper. I found what I wanted from your article. Thank you very much. Your article gave me a lot of inspiration. But hope you can explain your point in more detail because I have some questions, thank you. 20bet

  2. Hi there! Quick question that’s entirely off topic. Do you know how to make your site mobile friendly? My site looks weird when browsing from my iphone 4. I’m trying to find a template or plugin that might be able to correct this problem. If you have any suggestions, please share. Thanks!

  3. I will immediately snatch your rss as I can’t to find your email subscription hyperlink or e-newsletter service. Do you have any? Kindly permit me realize in order that I may subscribe. Thanks.

  4. Undeniably believe that which you stated. Your favorite justification seemed to be on the internet the easiest thing to be aware of. I say to you, I definitely get irked while people consider worries that they plainly do not know about. You managed to hit the nail upon the top and also defined out the whole thing without having side effect , people can take a signal. Will likely be back to get more. Thanks

  5. I have been browsing on-line more than 3 hours lately, yet I never discovered any fascinating article like yours. It’s lovely price sufficient for me. In my opinion, if all site owners and bloggers made just right content as you did, the internet will be a lot more helpful than ever before. “When the heart speaks, the mind finds it indecent to object.” by Milan Kundera.

  6. Simply want to say your article is as surprising. The clearness on your post is simply spectacular and that i could assume you are knowledgeable on this subject. Fine together with your permission let me to seize your feed to keep up to date with imminent post. Thanks one million and please carry on the enjoyable work.

  7. Spot on with this write-up, I truly assume this web site needs much more consideration. I’ll in all probability be once more to learn far more, thanks for that info.

  8. Can you be more specific about the content of your article? After reading it, I still have some doubts. Hope you can help me.

  9. Hi! This is my first visit to your blog! We are a team of volunteers and starting a new project in a community in the same niche. Your blog provided us beneficial information to work on. You have done a outstanding job!

  10. you’re actually a excellent webmaster. The site loading speed is amazing. It seems that you’re doing any unique trick. Furthermore, The contents are masterwork. you’ve performed a magnificent activity on this subject!

Leave a Comment

Your email address will not be published. Required fields are marked *

Scroll to Top