Stories
Slash Boxes
Comments

SoylentNews is people

posted by janrinok on Sunday November 08 2015, @06:12AM   Printer-friendly
from the malware-for-idiots dept.

A new bit of ransomware is now attacking Linux-based machines, specifically the folders associated with serving web pages. Called Linux.Encoder.1 the ransomware will encrypt your MySQL, Apache, and home/root folders. The system then asks for a single bitcoin to decrypt the files.

From Dr.Web Antivirus:

Once launched with administrator privileges, the Trojan dubbed Linux.Encoder.1 downloads files containing cybercriminals’ demands and a file with the path to a public RSA key. After that, the malicious program starts as a daemon and deletes the original files. Subsequently, the RSA key is used to store AES keys which will be employed by the Trojan to encrypt files on the infected computer.


[Ed's Comment: Emphasis mine.]

Original Submission

 
This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 2) by VLM on Sunday November 08 2015, @07:28PM

    by VLM (445) Subscriber Badge on Sunday November 08 2015, @07:28PM (#260453)

    There's a modern moronity out there along the lines of:

    wget -O - http://dumbidea.com/install.sh [dumbidea.com] | sudo sh

    I mean what could possibly go wrong? For bonus points make sure to use http instead of https. Also make sure to pack the .sh full of bashisms, after all every civilized individual symlinks /bin/sh to /bin/bash, right? And now improved with bundled ASK toolbar!

    For a good laugh check out:

    http://curlpipesh.tumblr.com/ [tumblr.com]

    Starting Score:    1  point
    Karma-Bonus Modifier   +1  

    Total Score:   2