Pierluigi Paganini reports:
Cicada 3301 is a new ransomware-as-a-service (RaaS) operation that appeared in the threat landscape. The group appears to be very active and already listed 23 victims on its extortion portal since mid-June. The following image shows the list of victims published by the gang on its Dark Web leak site.
[…]
The Cicada3301 ransomware is written in Rust and targets both Windows and Linux/ESXi hosts. Truesec researchers dissected a variant that targets VMware ESXi systems, which appears to be a version of the same malware for Windows. The experts pointed out that while many ransomware groups are now targeting ESXi systems, only a few, including the now-defunct BlackCat/ALPHV group, have used Rust-based ransomware. Analysis reveals significant similarities between Cicada3301’s ransomware and the ALPHV ransomware.
Read more at SecurityAffairs.