Linux Ransomware Pay2Key Targets Enterprise Systems and Cloud Workloads

Severity: Medium (Score: 58.0)

Sources: Cybersecuritynews, Gbhackers

Summary

The Linux ransomware Pay2Key has evolved to target enterprise servers, VMware ESXi hosts, and cloud workloads, indicating a significant shift in its operational focus. Initially recognized for its attacks on Windows systems, particularly against Israeli and Brazilian organizations, it has now expanded its capabilities to Linux environments. The ransomware is attributed to Iranian threat actors and operates as a ransomware-as-a-service (RaaS). Recent reports indicate that this malware is actively exploiting vulnerabilities in organizational infrastructures, raising alarms about its potential impact on enterprise security. The exact number of affected organizations remains unclear, but the scope of its attacks suggests a growing trend in targeting Linux systems. Security professionals are advised to enhance their defenses against this emerging threat. Current mitigation strategies and specific vulnerabilities exploited by Pay2Key have not been detailed in the articles.

Key Points

  • Pay2Key ransomware now targets Linux servers and cloud workloads.
  • The malware is attributed to Iranian threat actors and operates as RaaS.
  • Organizations must enhance defenses against this evolving ransomware threat.

Key Entities

  • Ransomware (attack_type)
  • T1486 - Data Encrypted for Impact (mitre_attack)
  • Linux (platform)
  • VMware ESXi (platform)
  • Windows (platform)
  • Pay2Key (ransomware_group)