A new ransomware binary targeting Linux systems has been attributed to the ransomware-as-a-service (RaaS) RTM group.

Security researchers at Uptycs shared the findings in an advisory published on Wednesday, saying this is the first time the group has created a Linux binary.

“Its locker ransomware infects Linux, NAS, and ESXi hosts and appears to be inspired by Babuk ransomware’s leaked source code,” explained the company.

Similarities in the code include the methods used to generate random numbers and the types of files selected for encryption. Both also use advanced encryption techniques that make it difficult to recover the encrypted files without the attacker’s private key.