IceFire Operators Introduces Linux Variant, Abuse IBM Flaw

11-Mar-23

Numerous ransomware organisations have been looking into Linux settings as a less-tapped market with the potential for a better rate of return. Recently, the ransomware IceFire debuted a Linux edition with the intention of attacking businesses in the media and entertainment industries worldwide.

Since mid-February, SentinelOne analysts have seen the most recent malware strain being deployed against victims in Turkey, Iran, Pakistan, and the UAE. The IceFire ransomware was released by attackers using a recently patched deserialization vulnerability (CVE-2022-47986) in IBM Aspera Faspex.

Read More…