The Luna ransomware was discovered in June 2022, it is developed in the Rust programming language, preventing the group from being easily detected because the malware’s code does not remain static. This variation is capable of operating on multi-platforms, which allows the ransomware to attack on more than one operating system at the same time, including Windows, Linux and ESXi.
To encrypt victims, Luna uses a combination of unpopular algorithms, the Diffie-Hellman x25519 key exchange and the AES encryption standard. After being executed, the files are given a so far unknown extension, which blocks access to the data.
During investigations, it was discovered that the Luna ransomware was fully adapted to the Russian language, indicating that the group’s targets are probably not part of the former USSR (Union of Soviet Socialist Republics).
Another point that reinforces this idea is the fact that the Luna ransom notes are written in American English, containing spelling errors, pointing out that the note was translated from another language.
Despite the complex information, the ransomware is relatively simple compared to others, and its resources are limited.
It’s clear that one of the biggest risks for businesses today is ransomware. That’s why Digital Recovery specialises in the recovery of data encrypted by ransomware. We have been developing unique solutions in the recovery field for over 23 years.
Ransomware attacks generate huge losses to their victims, so we stand ready to provide fast and efficient solutions in our services. Our team of experts is able to operate most cases 100% remotely.
In urgent cases, our engineers dedicate 24×7 special attention to the encrypted companies. And to validate our methods, we work in accordance with the General Data Protection Regulation (GDPR).
Aware of the importance that data confidentiality holds, we at Digital Recovery have developed our own confidentiality agreement (NDA).
For more information contact one of our experts and perform a diagnosis right now.