SFile (Escal) ransomware ported for Linux attacks

The operators of the SFile ransomware, also known as Escal, have ported their malware to work and encrypt files on Linux-based operating systems.

Attacks with this new Linux variant were spotted late last year, Chinese security firm Rising said in a report last week, confirmed by The Record with MalwareHunterTeam, one of the people behind the ID-Ransomware project.
The SFile (Escal) ransomware was first seen in attacks in February 2020.
Initial versions were written for encrypting Windows systems only.
Over the past two years, the ransomware has been used as part of targeted attacks against corporate and government networks. During these attacks, SFile is usually deployed to encrypt files, and leave a ransom note for victims telling them to contact the attackers via one of three emails and negotiate a ransom for the decryption key.