8.Locks HexConnections CodeGlobe

Linux and FreeBSD variants of the Hive ransomware have recently been discovered, demonstrating how threat actors are increasingly targeting other OSes besides Windows, and are looking to attack cloud apps.

In a tweet on Friday, the ESET researchers posted that just like the Windows version, the Linux and FreeBSD variants are written in Golang, but the strings, package names, and function names have been obfuscated, likely with gobfuscate, which lets developers compile a Go binary from obfuscated source code.

This new discovery from ESET clearly shows that attackers are thinking about Linux and cloud environments, many of which operate on Linux, said John Bambenek, principal threat hunter at Netenrich.