Ransomware Reaches Linux
The security firm Dr. Web warns of a new strain of ransomware attacks that is targeting Linux server systems. The attack, which is known as Linux.Encoder.1, is currently preying on web servers. Recent versions gain entry through a flaw in the Magento CMS, but the attack could be adapted to other vectors.
Linux has largely been free of the ransomware craze, in which the attacker encrypts the victim's data and demands a ransom to restore the files. With all the Linux servers on the web, however, experts consider it a matter of time before intruders find ways to exploit Linux users. According to a report in the Register, this attack encrypts the public_html, www, webapp, backup, .git, and .svn directory and asks for a payment of 1 Bitcoin to release the data.
The advice is the same as always: back up your data, and install security updates to minimize the possibility of intrusion.