Windows, Linux, and ESXi systems could be encrypted with the novel Luna ransomware family, which is believed to be developed by Russian-speaking threat actors, according to BleepingComputer.
While Luna ransomware is still under development, the strain was discovered by Kaspersky security researchers to be leveraging an atypical encryption scheme combining X25519 elliptic curve Diffie-Hellman key exchange using Curve25519 with the Advanced Encryption Standard symmetric encryption algorithm. Luna ransomware developers have also used the Rust programming language to facilitate more efficient porting to various platforms and better bypass attempted automated static code analysis.
"Both the Linux and ESXi samples are compiled using the same source code with some minor changes from the Windows version. The rest of the code has no significant changes from the Windows version," said researchers. Very little data is currently available regarding systems encrypted with the Luna ransomware, added Kaspersky, which noted that it is tracking further activity.
BleepingComputer reports that multinational building automation conglomerate Johnson Controls had its operations, as well as those of its subsidiaries, disrupted by a significant ransomware attack claimed by the Dark Angels ransomware operation over the weekend that compromised its VMware ESXi servers and various other devices.
The Philippine Health Insurance Corporation, which manages the country's universal healthcare system, had its websites and portals disrupted by a Medusa ransomware attack last week, from which it is struggling to recover, reports The Record, a news site by cybersecurity firm Recorded Future.
Japanese multinational conglomerate Sony has begun an investigation into an alleged cyberattack, which was reported to have resulted in the exposure of 3.14 GB of data in hacking forums, amid the emergence of different attackers claiming to be behind the hack, according to BleepingComputer.