Ransomware Family GwisinLocker Encrypts Windows and Linux Servers

A threat actor dubbed Gwisin has launched a ransomware GwisinLocker which targets South Korean companies by encrypting Windows and Linux ESXi servers. The attacks were coincidentally launched on Korean public holidays and occurred mostly during early morning hours, which implies that the threat actor is likely Korean. Researchers from cybersecurity agencies Ahnlab and ReversingLabs have released their reports on GwisinLocker for Windows and Linux respectively. Read more...