Interesting that it can work across OS platforms:
It’s reusing code from the More_Eggs ransomware kit and it appears that the people behind PureLocker are going after financial institutions.
The reason it’s cross platform is because they’re using the PureBasic, whose binaries are designed to run across Mac, Windows & Linux. In addition, PureBasic binaries are proving to be a problem for AV detection. Here’s the analysis from the researchers that goes into more technical details:
https://www.intezer.com/blog-purelocker-ransomware-being-used-in-targeted-attacks-against-servers/