While Edward Snowden is the source behind the largest scandal on the internet, he sure didn’t warn us that hackers would put ransoms onto their spyware. A special ransomware virus was discovered which targets Linux-based systems specifically, and it’s telling us hackers are expanding to web browsers for their vicious attacks.
This specific malware, labeled Linux.Encoder.1, breaks all files as it goes through specific directories, encrypting home directories, the MySQL server directory, logs, and the Web directories of the Apache and Nginx web servers. It leaves a ransom note in every directory that contains encrypted files, and the files are next to impossible to recover unless users have appropriate backups or pay the ransom.
This specific virus encrypts archives that contain the very word ‘backup’, so getting out of the pinch without paying the ransom is extremely difficult. The team behind the discovery urges users to keep active backups and make sure their information is as secure as possible. The team also revealed that it’s likely that the malware uses brute force guessing of remote access credentials or Web application exploits combined with local privilege escalations, and it probably gives Snowden himself a warm feeling in the heart.
It’s an interesting development in how we are willing to pay to keep our information secure. As anti-virus software continues to grow, perhaps ransoms will start getting more aggressive and more lethal. Could this have been something Snowden missed or failed to inform the world about?