Cybersecurity researchers are sounding the alarm bell over a new ransomware strain called « DarkRadiation » that’s implemented entirely in Bash and targets Linux and Docker cloud containers, while banking on messaging service Telegram for command-and-control (C2) communications.
« The ransomware is written in Bash script and targets Red Hat/CentOS and Debian Linux distributions, » researchers from Trend Micro said in a report published last week. « The malware uses OpenSSL’s AES algorithm with CBC mode to encrypt files in various directories. It also uses Telegram’s API to send an infection status to the threat actor(s). »