Potential Ransomware Hits Linux Servers

Linux running web servers appear to be at risk of a new strain of ransomware called FairWare. Three Linux administrators, at least for now, have already complained about being targeted by the malicious newcomer.

 

linux-server

People, who were having trouble with ransomware support thread and posted their quandary on the Bleeping Computer forum and the Chinese V2EX Q&A site, alarmed they have been hacked. The said the attackers had removed their website root folders and had left a short ransom note in the /root folder.

This ransom note, named READ_ME.txt, stated only the following:

“Hi, please view here: http://pastebin.com/raw/jtSjmJzS for information on how to obtain your files!”

Visiting the link victims see a more detailed ransom note with a message from the crooks, payments instructions and an email address for the victim to get in touch with the hackers. The note also includes a ransom sum, 2 Bitcoin ($1,150), which the victims should pay in the Bitcoin wallet.

Security expert and a founder of Bleeping Computer, Lawrence Abrams, states that, for the moment, it is not clear if the FairWare actually encrypts victims` data. He supposes that the hackers may be just bluffing and uploading the files to their server and keeping them hostage until the payment is complete.

Abrams also thinks that there is a high chance the crooks may be deleting the files for good and even if a victim decides to pay, they might get double-crossed. In the longer ransom note, FairWare devs warn they will ignore any user asking them to prove that they still have the files.

Despite the hackers` warning, users are advised to try getting a proof that they data is still intact before completing the ransom payment.
source : http://virusguides.com