Trend Micro has sounded the alarm over the new LockBit 5.0 ransomware strain, which it warns is "significantly more dangerous" than past versions due to its newfound ability to simultaneously target Windows, Linux, and VMware ESXi environments.

In a technical breakdown of source binaries obtained from recent attacks, Trend Micro researchers identified dramatically enhanced evasion, obfuscation, and cross-platform capabilities in the new iteration. "Heavy obfuscation and technical improvements across all variants make LockBit 5.0 significantly more dangerous than its predecessors," the researchers warned.

The Windows variant now loads payloads via DLL reflection and employs aggressive anti-analysis packing; the Linux variant accepts command-line directives to tailor which directories and

See Full Page