https://www.bleepingcomputer.com/news/security/ransomexx-ransomware-linux-encryptor-may-damage-victims-files/

​Cybersecurity firm Profero has discovered that the RansomExx gang does not correctly lock Linux files during encryption, leading to potentially corrupted files.

In a new report by Profero, Senior Incident Responder Brenton Morris says the RansomEXX decryptor was failing on various files encrypted by the threat actor's Linux Vmware ESXI encryptor for one the victims who paid the ransom.