[Software] It's not a movie: the Russians can hijack your computer right now

[Draeno]

Security is increasingly important when connecting to the Internet. And it is that, every so often, new threats appear that put our computer at risk. Of all the types of viruses that exist, one of the most dangerous and difficult to block is ransomware. This is capable of infecting a PC without triggering antivirus alarms and hijacking all user data. And one of the latest variants of this type of virus comes to us from Russia, allowing hackers to hijack literally any computer.

Kaspersky security researchers warn of this new ransomware, called "Luna" that has recently started to be seen on the net. One of the features of this new virus is that it is designed to be used only by Russian-speaking users, so its origin is clear. Furthermore, the ransom note includes typos typical of a bad translation.

The creators of this ransomware have opted for a cross-platform programming language: Rust. For this reason, with just a few changes it is possible to adapt it so that it can infect both Windows computers and Linux computers and ESXi servers without any problems.

 

The most dangerous ransomware, but not yet finished
But not only its programming language makes it special. This new ransomware uses an encryption scheme that is very different from the usual ones in this type of malware, which makes it very difficult to recover data in the event of infection. When installed on a computer, this malware combines the Elliptic Curve X25519 Diffie-Hellman key exchange using Curve25519 with an AES encryption algorithm.

Luckily, at the moment there do not seem to be any victims infected with this ransomware. As reported by Kasperky, the hacking group has just been discovered, and is in the midst of an investigation. It could be a newly created group, which is most likely, or the team behind other known threats. Furthermore, the analyzed samples of Luna ransomware have very simple functions, and they only work via command line.

 

 

The ransomware as such is not yet built. But, when it is, it may be one of the worst in history.

Other active ransomware
In addition to the Luna threat, there are currently other active and developing threats that we need to be concerned about. For example, we have seen an exponential increase in threats created in cross-platform languages such as Rust and Golang, such as BlackCat and Hive.

Also, there is a new ransomware, called Black Basta, that is wreaking havoc on all kinds of Linux servers that is capable of infecting computers through unpatched vulnerabilities. And there are even two threats designed for Windows, Lilith and Omega, which since May have been able to collect millions of dollars in bounties.

If to these threats, and others that we are not talking about, we add the presence of Luna, and the hatred that there is right now from Russia to the rest of the world, we could be facing one of the worst security situations in the history of the