{"id":616695,"date":"2023-03-11T08:49:01","date_gmt":"2023-03-11T14:49:01","guid":{"rendered":"https:\/\/news.sellorbuyhomefast.com\/index.php\/2023\/03\/11\/this-dangerous-windows-ransomware-is-now-going-after-linux-networks-too\/"},"modified":"2023-03-11T08:49:01","modified_gmt":"2023-03-11T14:49:01","slug":"this-dangerous-windows-ransomware-is-now-going-after-linux-networks-too","status":"publish","type":"post","link":"https:\/\/newsycanuse.com\/index.php\/2023\/03\/11\/this-dangerous-windows-ransomware-is-now-going-after-linux-networks-too\/","title":{"rendered":"This dangerous Windows ransomware is now going after Linux networks too"},"content":{"rendered":"<article aria-label=\"article\" data-id=\"2d5YcpGdyteiTs6sv8p5T6\">\n<header>\n<nav aria-label=\"Breadcrumbs\">\n<ol>\n<li>\n<a href=\"https:\/\/www.techradar.com\" aria-label=\"Return to Home\">Home<\/a>\n<\/li>\n<li>\n<a href=\"https:\/\/www.techradar.com\/news\" aria-label=\"Return to News\">News<\/a>\n<\/li>\n<li>\n<a href=\"https:\/\/www.techradar.com\/computing\" aria-label=\"Return to Computing\">Computing<\/a>\n<\/li>\n<\/ol>\n<\/nav>\n<\/header>\n<section>\n<div itemprop=\"image\" itemscope itemtype=\"https:\/\/schema.org\/ImageObject\">\n<div>\n<picture><source type=\"image\/webp\" alt=\"Ransomware\" onerror=\"if(this.src &#038;&#038; this.src.indexOf('missing-image.svg') !== -1){return true;};this.parentNode.replaceChild(window.missingImage(),this)\"   data-original-mos=\"https:\/\/cdn.mos.cms.futurecdn.net\/cJtFPyQYv7tobzbzvGKgSX.jpg\" data-pin-media=\"https:\/\/cdn.mos.cms.futurecdn.net\/cJtFPyQYv7tobzbzvGKgSX.jpg\"><source type=\"image\/jpeg\" alt=\"Ransomware\" onerror=\"if(this.src &#038;&#038; this.src.indexOf('missing-image.svg') !== -1){return true;};this.parentNode.replaceChild(window.missingImage(),this)\"   data-original-mos=\"https:\/\/cdn.mos.cms.futurecdn.net\/cJtFPyQYv7tobzbzvGKgSX.jpg\" data-pin-media=\"https:\/\/cdn.mos.cms.futurecdn.net\/cJtFPyQYv7tobzbzvGKgSX.jpg\"><img decoding=\"async\" src=\"https:\/\/cdn.mos.cms.futurecdn.net\/cJtFPyQYv7tobzbzvGKgSX-320-80.jpg\" alt=\"Ransomware\" onerror=\"if(this.src &#038;&#038; this.src.indexOf('missing-image.svg') !== -1){return true;};this.parentNode.replaceChild(window.missingImage(),this)\"   data-original-mos=\"https:\/\/cdn.mos.cms.futurecdn.net\/cJtFPyQYv7tobzbzvGKgSX.jpg\" data-pin-media=\"https:\/\/cdn.mos.cms.futurecdn.net\/cJtFPyQYv7tobzbzvGKgSX.jpg\"><\/picture>\n<\/div>\n<p><meta itemprop=\"url\" content=\"https:\/\/cdn.mos.cms.futurecdn.net\/cJtFPyQYv7tobzbzvGKgSX.jpg\"><br \/>\n<meta itemprop=\"height\" content=\"600\"><br \/>\n<meta itemprop=\"width\" content=\"338\"><figcaption itemprop=\"caption description\">\n<span itemprop=\"copyrightHolder\">(Image credit: Pixabay)<\/span><br \/>\n<\/figcaption><\/div>\n<div id=\"article-body\">\n<p>A new version of a dangerous Windows <a href=\"https:\/\/www.techradar.com\/best\/best-ransomware-protection\" target=\"_blank\" rel=\"noopener\">ransomware<\/a><span> (opens in new tab)<\/span> has been observed targeting Linux devices, cybersecurity researchers have revealed.<\/p>\n<p>What&#8217;s even more concerning is that the threat actors have made \u201cthoughtful choices\u201d to make sure the <a href=\"https:\/\/www.techradar.com\/news\/best-linux-distro-small-business\">Linux<\/a> strain targets the right devices and the right vulnerabilities.<\/p>\n<p>In a press release, cybersecurity researchers from SentinelLabs confirmed they had \u00a0seen a Linux version of IceFire ransomware for the first time. This variant has been dubbed iFire, and it targets a deserialization vulnerability in IBM Aspera Faspex file sharing software, tracked as CVE-2022-47986.\u00a0<\/p>\n<h2 id=\"big-game-hunting\">Big game hunting<\/h2>\n<p>But this is not the only surprising development when it comes to IceFire. The researchers have also found the threat actor targeting businesses in the media and entertainment sectors in countries like Turkey, Iran, Pakistan, and the United Arab Emirates &#8211; countries \u201cwhich are typically not a focus for organized ransomware actors.\u201d<\/p>\n<p>Instead, the threat actors considered IceFire a Windows-centric threat group going for \u201cbig-game hunting\u201d &#8211; targeting large enterprises with double extortion tactics, using countless persistence mechanisms, and evading analysis by deleting log files.\u00a0<\/p>\n<p>Compared to Windows, Linux is a more difficult operating system to infect with ransomware, the researchers added, also saying that this is particularly difficult to pull off at scale.\u00a0<\/p>\n<p>\u201cMany Linux systems are servers,\u201d they say. \u201cTypical infection vectors like phishing or drive-by download are less effective. To overcome this, actors turn to exploiting application vulnerabilities, as the IceFire operator demonstrated by deploying payloads through an IBM Aspera vulnerability.\u201d<\/p>\n<p>Still, despite the challenges, threat actors are increasingly looking to deploy ransomware to Linux devices, the reserachers conclude, saying that the evolution of IceFire is just another argument proving the case. The groundwork for Linux-targeting ransomware was laid in 2021, they said, but the trend accelerated in 2022 with BlackBasta, Hive, Qilin, ViceSociety, and others, started targeting the operating system, as well.<\/p>\n<ul>\n<li>Here&#8217;s our rundown of the <a href=\"https:\/\/www.techradar.com\/news\/best-endpoint-security-software\" target=\"_blank\" rel=\"noopener\">best endpoint protection<\/a><span> (opens in new tab)<\/span> services right now<\/li>\n<\/ul>\n<\/div>\n<div data-hydrate=\"true\" data-reactroot id=\"slice-container-newsletterForm-articleInbodyContent\">\n<section>\n<p>Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!<\/p>\n<\/section>\n<\/div>\n<div data-reactroot id=\"slice-container-authorBio\">\n<p>Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he\u2019s written for numerous media outlets, including Al Jazeera Balkans. He\u2019s also held several modules on content writing for Represent Communications.<\/p>\n<\/div>\n<\/section>\n<p><a href=\"https:\/\/www.techradar.com\/news\/this-dangerous-windows-ransomware-is-now-going-after-linux-networks-too\" class=\"button purchase\" rel=\"nofollow noopener\" target=\"_blank\">Read More<\/a><br \/>\n Leigha Schroeder<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Home News Computing (Image credit: Pixabay) A new version of a dangerous Windows ransomware (opens in new tab) has been observed targeting Linux devices, cybersecurity researchers have revealed.What&#8217;s even more concerning is that the threat actors have made \u201cthoughtful choices\u201d to make sure the Linux strain targets the right devices and the right vulnerabilities.In a<\/p>\n","protected":false},"author":1,"featured_media":616696,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[228,46,23032],"tags":[],"class_list":{"0":"post-616695","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-dangerous","8":"category-technology","9":"category-windows"},"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/newsycanuse.com\/index.php\/wp-json\/wp\/v2\/posts\/616695","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/newsycanuse.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/newsycanuse.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/newsycanuse.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/newsycanuse.com\/index.php\/wp-json\/wp\/v2\/comments?post=616695"}],"version-history":[{"count":0,"href":"https:\/\/newsycanuse.com\/index.php\/wp-json\/wp\/v2\/posts\/616695\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/newsycanuse.com\/index.php\/wp-json\/wp\/v2\/media\/616696"}],"wp:attachment":[{"href":"https:\/\/newsycanuse.com\/index.php\/wp-json\/wp\/v2\/media?parent=616695"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/newsycanuse.com\/index.php\/wp-json\/wp\/v2\/categories?post=616695"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/newsycanuse.com\/index.php\/wp-json\/wp\/v2\/tags?post=616695"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}