Flash Advisories

Bash Ransomware DarkRadiation Targets Red Hat- and Debian-based Linux Distributions

A recently discovered Bash ransomware piqued interest in multiple ways. Upon investigating, it was found that the attack chain is fully implemented as a bash script, but it also seems that the scripts are still under development. 
Most components of this attack mainly target Red Hat and CentOS Linux distributions; however, in some scripts Debianbased Linux distributions are included as well. 
The worm and ransomware scripts also use the API of the messaging application Telegram for command-and-control (C&C) communication. It was found that most components of this attack have very low detection numbers in Virus Total. 
The hack tools URL with the ransomware information was initially reported by Twitter user @r3dbU7z

Comments are closed.