SYMBOLCOMMON_NAMEaka. SYNONYMS
elf.red_alert (Back to overview)

RedAlert Ransomware

aka: N13V

Ransomware that targets Linux VMware ESXi servers. Encryption procedure uses the NTRUEncrypt public-key encryption algorithm.

References
2022-09-28vmwareGiovanni Vigna
@online{vigna:20220928:esxitargeting:bd1ce9a, author = {Giovanni Vigna}, title = {{ESXi-Targeting Ransomware: The Threats That Are After Your Virtual Machines (Part 1)}}, date = {2022-09-28}, organization = {vmware}, url = {https://blogs.vmware.com/security/2022/09/esxi-targeting-ransomware-the-threats-that-are-after-your-virtual-machines-part-1.html}, language = {English}, urldate = {2022-10-10} } ESXi-Targeting Ransomware: The Threats That Are After Your Virtual Machines (Part 1)
Avoslocker Babuk Black Basta BlackCat BlackMatter Conti DarkSide HelloKitty Hive LockBit Luna RansomEXX RedAlert Ransomware REvil
2022-07-12cybleCyble Research Labs
@online{labs:20220712:new:4cf4a94, author = {Cyble Research Labs}, title = {{New Ransomware Groups On The Rise: “RedAlert,” LILITH And 0mega Leading A Wave Of Ransomware Campaigns}}, date = {2022-07-12}, organization = {cyble}, url = {https://blog.cyble.com/2022/07/12/new-ransomware-groups-on-the-rise/}, language = {English}, urldate = {2022-07-14} } New Ransomware Groups On The Rise: “RedAlert,” LILITH And 0mega Leading A Wave Of Ransomware Campaigns
RedAlert Ransomware Lilith
2022-07-05Bleeping ComputerLawrence Abrams
@online{abrams:20220705:new:6189686, author = {Lawrence Abrams}, title = {{New RedAlert Ransomware targets Windows, Linux VMware ESXi servers}}, date = {2022-07-05}, organization = {Bleeping Computer}, url = {https://www.bleepingcomputer.com/news/security/new-redalert-ransomware-targets-windows-linux-vmware-esxi-servers/}, language = {English}, urldate = {2022-07-13} } New RedAlert Ransomware targets Windows, Linux VMware ESXi servers
RedAlert Ransomware

There is no Yara-Signature yet.