"DarkRadiation" -- Abusing Bash for Linux and Docker Container Ransomware

by
janrinok
from SoylentNews on (#5KRK1)

upstart writes:

DarkRadiation | Abusing Bash For Linux and Docker Container Ransomware - SentinelOne:

While new ransomware families are a common occurrence these days, a recently discovered ransomware dubbed 'DarkRadiation' is especially noteworthy for defenders. First, it targets Linux and Docker cloud containers, making it of particular concern to enterprises. Secondly, DarkRadiation is written entirely in Bash, a feature that can make it difficult for some security solutions to identify as a threat. In this post, we'll take a look at the DarkRadiation Bash scripts and show how this novel ransomware can be detected.

DarkRadiation appears to have been first noticed in late May by Twitter user @r3dbU7z and was later reported on by researchers at Trend Micro. It appears to have come to light as part of a set of hacker tools through discovery on VirusTotal.

[...] At this time, we have no information on delivery methods or evidence of in-the-wild attacks. However, analysis of its various components suggest that the actors behind its development intend on using it as a campaign targeting Linux installs and Docker containers.

Read more of this story at SoylentNews.

External Content
Source RSS or Atom Feed
Feed Location https://soylentnews.org/index.rss
Feed Title SoylentNews
Feed Link https://soylentnews.org/
Feed Copyright Copyright 2014, SoylentNews
Reply 0 comments