[BlueOnyx:18642] Re: Linux-targeted 'encryption' blackmail

Dogsbody dan at dogsbody.org
Wed Nov 11 05:47:00 -05 2015


On 09/11/15 19:10, Tigerwolf wrote:
> Most of the articles don't mention just *how* these attacks get in,
> but this one has a bit more information:
> http://arstechnica.com/security/2015/11/new-encryption-ransomware-targets-linux-systems/
> Has anyone had any infestations from this yet?

We've helped a few people with this now. Most were infected via old
Magento sites that hadn't been updated with the latest security patches.
(Check your sites at https://www.magereport.com/ now!).

In each case we just rolled back from backup and earned a new customer :-)

The good news is that yesterday, a security company managed to work out a
way of unencrypting the files without paying the ransom. I haven't had a
chance to use the tool yet. It still may be quicker to re-pull from
backups :-)
http://labs.bitdefender.com/2015/11/linux-ransomware-debut-fails-on-predictable-encryption-key/

Dan


