New Luna ransomware encrypt devices running Windows, Linux and ESXi Systems

A new ransomware named Luna was discovered by Kaspersky security researchers via a dark web ransomware forum. Luna can be used to encrypt devices running Windows, Linux and ESXi systems.

The ransomware is very simple and based on command line options adjudged to be under development with limited capabilities. Written in the programming language Rust, the ransomware operators were able to exploit its platform-agnostic nature, to port it to several platforms with only minor changes to the source code.

“The advertisement states that Luna only works with Russian-speaking affiliates. Also, the ransom note hard-coded inside the binary contains spelling mistakes. For example, it says ‘a little team’ instead of ‘a small team.’ Because of this, we assume with medium confidence that the actors behind Luna are speakers of Russian,” Kaspersky said.

According to researchers, the cross-platform language allows Luna ransomware to bypass automated static code analysis attempts.

While the ransomware strain is still being monitored, Kaspersky indicates that there is very little data on victims compromised with the Luna ransomware.

The sources for this piece include an article in BleepingComputer.

IT World Canada Staff
IT World Canada Staff
The online resource for Canadian Information Technology professionals.

Would you recommend this article?


Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.

Jim Love, Chief Content Officer, IT World Canada

Featured Download

ITW in your inbox

Our experienced team of journalists and bloggers bring you engaging in-depth interviews, videos and content targeted to IT professionals and line-of-business executives.

More Best of The Web