When you purchase through links on our site, we may earn an affiliate commission.Heres how it works.
A recently discoveredransomwaregroup has been observed targeting organizations with a focus on FreeBSD servers.
The FreeBSD encryptor was compiled specifically for FreeBSD 10.4 and is a 64-bit ELF executable.
Despite this, Trend Micro researchers discovered additional samples of the FreeBSD encryptor, confirming its functionality.
While the FreeBSD version has presented challenges during analysis, Interlocks Windows encryptor functions effectively.
It clears event logs and, if configured, uses rundll32.exe to delete its binary after execution.
Each victim receives a unique “Company ID” for communication with the attackers via a chat system.
The FreeBSDoperating systemis known for its reliability and is therefore commonly used for critical functions.
Examples includeweb hosting, mail servers, and storage systems, all potentially lucrative targets for the attackers.
ViaBleepingComputer
