The Gunra ransomware group, which emerged in April targeting Windows systems, has released a sophisticated Linux variant capable of running 100 parallel encryption threads—double what most ransomware allows. This cross-platform expansion makes Gunra particularly dangerous, offering attackers unprecedented speed and flexibility in file encryption.
The group gained notoriety by allegedly leaking 40TB of hospital data in May and has since targeted victims across Brazil, Japan, Canada, Turkey, South Korea, Taiwan, and the US. Unlike its Windows version, the Linux variant skips ransom notes and focuses purely on rapid, configurable encryption. Trend Micro researchers warn organizations to monitor this fast-evolving threat closely.
Source: Dark Reading