Windows, Linux, and ESXi systems could be encrypted with the novel Luna ransomware family, which is believed to be developed by Russian-speaking threat actors, according to BleepingComputer.
While Luna ransomware is still under development, the strain was discovered by Kaspersky security researchers to be leveraging an atypical encryption scheme combining X25519 elliptic curve Diffie-Hellman key exchange using Curve25519 with the Advanced Encryption Standard symmetric encryption algorithm. Luna ransomware developers have also used the Rust programming language to facilitate more efficient porting to various platforms and better bypass attempted automated static code analysis.
"Both the Linux and ESXi samples are compiled using the same source code with some minor changes from the Windows version. The rest of the code has no significant changes from the Windows version," said researchers. Very little data is currently available regarding systems encrypted with the Luna ransomware, added Kaspersky, which noted that it is tracking further activity.