SoylentNews is people
posted by janrinok on Sunday November 08 2015, @06:12AM   Printer-friendly
from the malware-for-idiots dept.

A new bit of ransomware is now attacking Linux-based machines, specifically the folders associated with serving web pages. Called Linux.Encoder.1, the ransomware will encrypt your MySQL, Apache, and home/root folders. It then asks for a single bitcoin to decrypt the files.

From Dr.Web Antivirus:

Once launched with administrator privileges, the Trojan dubbed Linux.Encoder.1 downloads files containing cybercriminals’ demands and a file with the path to a public RSA key. After that, the malicious program starts as a daemon and deletes the original files. Subsequently, the RSA key is used to store AES keys which will be employed by the Trojan to encrypt files on the infected computer.


[Ed's Comment: Emphasis mine.]

  • (Score: 2) by hemocyanin on Sunday November 08 2015, @10:21AM

    by hemocyanin (186) on Sunday November 08 2015, @10:21AM (#260286) Journal

    One would hope that a server would have a decent backup system in place making this less profitable for the attackers. Grandmas who have all their grandkids' photos unbackedup on one computer are a much juicier target.

  • (Score: 3, Funny) by DNied on Sunday November 08 2015, @12:25PM

    by DNied (3409) on Sunday November 08 2015, @12:25PM (#260318)

    Moral of the story: If grandma is root, you'd better get an account on a different machine.

  • (Score: 2) by Bot on Monday November 09 2015, @12:13AM

    by Bot (3902) on Monday November 09 2015, @12:13AM (#260581) Journal

    Deduplicating backup tools like attic might even detect something is wrong when a snapshot swells abruptly.

    --
    Account abandoned.
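
Why a deduplicating backup would notice this kind of event, as an added example that is not part of the comment above and is not attic's code: a simplified chunk store shows that rewritten high-entropy files share no chunks with earlier snapshots, so the new data per snapshot jumps. The fixed-size chunking, the 0.5 alert threshold, and the file names and contents are assumptions constructed for this sketch.

```python
import hashlib

CHUNK = 4096        # fixed-size chunks (assumption of this sketch)
ALERT_RATIO = 0.5   # hypothetical threshold: more than half the snapshot is new data

def filler(seed, n):
    """Deterministic high-entropy bytes, used as constructed sample file content."""
    out, i = b"", 0
    while len(out) < n:
        out += hashlib.sha256(f"{seed}:{i}".encode()).digest()
        i += 1
    return out[:n]

class DedupStore:
    def __init__(self):
        self.seen = set()   # digests of every chunk already in the repository

    def snapshot(self, files):
        """Store one snapshot; report how many bytes were not already deduplicated."""
        baseline = not self.seen   # the first snapshot is all new by definition
        total = new = 0
        for data in files.values():
            for off in range(0, len(data), CHUNK):
                chunk = data[off:off + CHUNK]
                digest = hashlib.sha256(chunk).digest()
                total += len(chunk)
                if digest not in self.seen:
                    self.seen.add(digest)
                    new += len(chunk)
        ratio = new / total if total else 0.0
        return {"total": total, "new": new, "ratio": ratio,
                "alert": not baseline and ratio > ALERT_RATIO}

def run_demo():
    store = DedupStore()
    day1 = {"index.html": filler("index", 40000), "db.sql": filler("db", 200000)}
    # Day 2: normal activity, 100 bytes appended to one file.
    day2 = dict(day1, **{"db.sql": day1["db.sql"] + filler("append", 100)})
    # Day 3: every file replaced by unrelated high-entropy bytes of the same
    # length, standing in for encrypted copies (nothing is encrypted here).
    day3 = {name: filler("enc:" + name, len(data)) for name, data in day2.items()}
    return [store.snapshot(s) for s in (day1, day2, day3)]

if __name__ == "__main__":
    for day, report in enumerate(run_demo(), start=1):
        print(day, report)
```

The day 2 snapshot adds only the one changed chunk, while day 3 adds every byte again, which is the abrupt swell worth alerting on.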