Ransomware called “DarkRadiation” targets Linux and Docker cloud containers. The malware is written in Bash script and targets Red Hat/CentOS and Debian Linux distributions. It also uses Telegram’s API to communicate with the C2 server via hardcoded API keys. As of writing, there’s no information available on the delivery methods or evidence that the ransomware has been deployed in real-world attacks. DarkRadiation’s infection chain involves a multi-stage attack process and is noteworthy for its extensive reliance on Bash scripts.
Source: https://thehackernews.com/2021/06/wormable-darkradiation-ransomware.html