A new variant of the Hive ransomware, written in Go, has been developed to target Linux and FreeBSD operating systems.
- In the Linux variant, when the malware is run with a specific path, the encryption process does not work properly due to a bug.
- Furthermore, the Linux version fails to initialize the encryption process when it is not run with root privileges.
- In addition, both the Linux and FreeBSD variants support only one command-line parameter (-no-wipe), whereas the equivalent Windows variant has five execution options.
- Encryption in the new variant of Hive ransomware, as observed by ESET researchers, is expected to be still under development.
A brief about the Hive gang
Hive has been operating as a ransomware-as-a-service since June.
- The group is known for using phishing emails with malicious attachments to gain access to victims' networks. Once inside the network, they use RDP to move laterally.
- The ransomware targets processes related to backups and antivirus or anti-spyware and terminates them.