Monti ransomware is back. The first version was discovered in June 2022, and it targeted Windows and Linux machines. The new version, which this article is about, is a fresh and improved Monti ransomware variant targeting Linux distributions. This is a serious matter because Linux powers more than 95% of web servers on a global level.
Based on the analysis conducted by security researchers, several legal and government sectors have already been infected.
This article will provide you with information about Monti ransomware and offer preventive measures for securing your Linux machines.
What is Monti Ransomware
Monti ransomware is developed by the Monti hacker group. As of August 2023, only three security vendors have identified Ransom.Linux.MONTI.THGOCBC as malicious. Also, according to leaked information on the Monti dark web, they have targeted 13 organizations so far, including 3 legal, 2 financial, 2 healthcare, and 6 others.
Many security researchers compare it to Conti ransomware because Monti ransomware was developed based on the Conti toolkit, including source code. It also uses the same tactics to spread and execute ransomware.
