The creator of RTM Locker RaaS, RTM group, has created a new ransomware malware that is intended to attack Linux-based computers. Linux, ESXi, and NAS hosts are susceptible to infection by the ransomware. It appears to have been influenced by the Babuk ransomware’s exposed source code.
Because it includes two related commands, Uptycs claims that this Linux version of RTM Locker is specifically targeted at ESXi hosts. Due to the usage of symmetric and asymmetric encryption, files cannot be decrypted without a private key. At this time, the primary infection vector remains unknown. After successful encryption, victims are instructed to get in touch with the support staff via Tox within 48 hours or risk having their data made public.