New versions of the Albabat ransomware target Windows, Linux, and macOS, and retrieve configuration files from GitHub.
March 24, 2025 By Ionut Arghire
Newly identified versions of the Albabat ransomware are configured to target all major desktop platforms and to retrieve components from GitHub, cybersecurity firm Trend Micro reports.
Active since 2023 and also known as White Bat, Albabat is known for targeting Windows systems through fake activation tools and cheat software, but the first signs of potential expansion to other platforms were seen in early 2024.
In January last year, after noticing that the desktop wallpaper that Albabat was dropping on infected systems was mentioning Linux, Fortinet warned that the Rust-written ransomware could be cross-compiled to target more operating systems.
