Skip to Content

RansomEXX leaked: RansomExx Malware Moves to Rust Programming Language

Updated on 2022-11-25: RansomExx Malware Moves to Rust Programming Language

The RansomExx malware has been rewritten in the Rust programming language, which helps it evade detection by antivirus products and increases the amount of time needed to reverse engineer. Rust also has cross-platform support. Other ransomware groups have also migrated their malware to Rust.


  • The prior version of this ransomware was written in C++. At the time of writing, 14 of the 60+ AV detection engines tested detected the Rust-based malware. The current version of RansomExx2 is only available for Linux platforms; given the history of the group writing the malware, a Windows version is imminent. Other ransomware released in Rust includes Hive, Zeon and BlackCat.


Updated on 2022-11-22

IBM X-Force researchers said they discovered a new version of the RansomExx ransomware that was rewritten in the Rust programming language. They named this new version RansomExx2 but noted that most of its functionality is similar to its C++ predecessor. RansomExx now joins the ranks of BlackCat, Hive, and Zeon—other ransomware strains also written in Rust. Read more: RansomExx Upgrades to Rust

Updated on 2022-10-14

RansomEXX leaked a database of 52GB, which it claims to be stolen from Consorci Sanitari Integral, a Barcelona hospital system. Read more: RansomExx Leaks 52GB of Barcelona Health Centers’ Data

Updated on 2022-10-05: Ferrari hack

Earlier this week, on Monday, the RansomExx ransomware group claimed to have breached Italian carmaker Ferrari and leaked almost 7GB of data from the company’s servers. But in a statement provided to local media, Ferrari said they haven’t detected any breach or ransomware attack on their network. The company said it’s still investigating the incident and that there was no disruption to its business following this particular incident—which to most security experts is starting to look like a breach of one of the carmaker’s contractors; an incident that was most likely misrepresented by the attackers for increased media coverage. Read more: La Ferrari è stata colpita dal ransomware RansomEXX. 7GB di dati scaricabili online


Ferrari, the sports car manufacturer, said some of its internal documents were leaked online, while also claiming that it didn’t encounter evidence of any cyberattack. Researchers surmise that it witnessed a ransomware attack. Read more: RansomEXX gang claims to have hacked Ferrari and leaked online internal documents

Alex Lim is a certified IT Technical Support Architect with over 15 years of experience in designing, implementing, and troubleshooting complex IT systems and networks. He has worked for leading IT companies, such as Microsoft, IBM, and Cisco, providing technical support and solutions to clients across various industries and sectors. Alex has a bachelor’s degree in computer science from the National University of Singapore and a master’s degree in information security from the Massachusetts Institute of Technology. He is also the author of several best-selling books on IT technical support, such as The IT Technical Support Handbook and Troubleshooting IT Systems and Networks. Alex lives in Bandar, Johore, Malaysia with his wife and two chilrdren. You can reach him at [email protected] or follow him on Website | Twitter | Facebook

    Ads Blocker Image Powered by Code Help Pro

    Your Support Matters...

    We run an independent site that is committed to delivering valuable content, but it comes with its challenges. Many of our readers use ad blockers, causing our advertising revenue to decline. Unlike some websites, we have not implemented paywalls to restrict access. Your support can make a significant difference. If you find this website useful and choose to support us, it would greatly secure our future. We appreciate your help. If you are currently using an ad blocker, please consider disabling it for our site. Thank you for your understanding and support.