RansomEXX Variant Ported to Impact Linux Systems
NJCCIC Alert
Original Release Date: 11/12/2020
Summary
Ransomware variants are very often created to affect Windows systems; however, the threat actors behind the RansomEXX variant have ported their strain to create a version that affects Linux systems. As ransomware threat actors continue to target servers on a victim network to increase their impact, developing variants capable of infecting Linux systems is essential to expanding their attack surface. While RansomEXX is not the first to develop Linux ransomware, these variants may start to become more common.
Recommendations
The NJCCIC recommends reviewing the NJCCIC Ransomware: Risk Mitigation Strategies guide and applying cybersecurity best practices to reduce the risk of a ransomware or other malware infection, including: exercising caution with emails – particularly those from unknown senders – and refraining from enabling macros in email attachments, reducing or eliminating external-facing systems, having a comprehensive data backup plan that includes offline backups, and establishing a ransomware incident response plan. For more information on RansomEXX, see the ZDNet article.
The NJCCIC is a component organization within the New Jersey Office of Homeland Security and Preparedness. We are the State's one-stop-shop for cyber threat analysis, incident reporting, and information sharing and are committed to making New Jersey more resilient to cyber threats by spreading awareness and promoting the adoption of best practices.
View our Privacy Policy here.
View our Site Index here.