File-encrypting ransomware starts targeting Linux Web servers

"Malware researchers from Russian antivirus vendor Doctor Web have recently discovered a new malware program for Linux-based systems that they've dubbed Linux.Encoder.1."

-- source:
http://www.linuxtoday.com/security/file-encrypting-ransomware-starts-targeti...

Cheers, Peter

--
Peter Reutemann
Dept. of Computer Science
University of Waikato, NZ
+64 (7) 858-5174
http://www.cms.waikato.ac.nz/~fracpete/
http://www.data-mining.co.nz/

On Wed, 11 Nov 2015 13:36:30 +1300, Peter Reutemann wrote:
> "Malware researchers from Russian antivirus vendor Doctor Web have recently discovered a new malware program for Linux-based systems that they've dubbed Linux.Encoder.1."

Turns out the perps screwed up the encryption key <lwn.net/Articles/663955/>.

>> "Malware researchers from Russian antivirus vendor Doctor Web have recently discovered a new malware program for Linux-based systems that they've dubbed Linux.Encoder.1."
> Turns out the perps screwed up the encryption key <lwn.net/Articles/663955/>.

Hacked hackers? ;-)

Cheers, Peter

--
Peter Reutemann
Dept. of Computer Science
University of Waikato, NZ
+64 (7) 858-5174
http://www.cms.waikato.ac.nz/~fracpete/
http://www.data-mining.co.nz/

On 11/11/2015 2:36 pm, Lawrence D'Oliveiro wrote:
> Turns out the perps screwed up the encryption key <lwn.net/Articles/663955/>.

A tool has been released to decrypt encrypted files. From the article: "We realized that, rather than generating secure random keys and IVs, the sample would derive these two pieces of information from the libc rand() function seeded with the current system timestamp at the moment of encryption." Doh!

http://www.csoonline.com/article/3003413/cyber-attacks-espionage/linux-ranso...
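
Added example, not part of the thread or the cited article: a C sketch of why a key and IV drawn from `rand()` seeded with the encryption time can be regenerated by trying every second near a file's modification time. The 16-byte sizes, one byte per `rand()` call, and the IV being visible to the analyst are assumptions for illustration, not details of Linux.Encoder.1.

```c
/* Added illustration. The sizes, the byte-per-rand() layout and the visible
   IV are assumptions, not details of Linux.Encoder.1. */
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <time.h>

#define KEY_LEN 16
#define IV_LEN  16

/* Weak scheme as quoted: seed libc rand() with a timestamp, then draw key and IV. */
static void derive_from_time(time_t seed, uint8_t key[KEY_LEN], uint8_t iv[IV_LEN]) {
    srand((unsigned)seed);
    for (int i = 0; i < KEY_LEN; i++) key[i] = (uint8_t)(rand() & 0xff);
    for (int i = 0; i < IV_LEN; i++)  iv[i]  = (uint8_t)(rand() & 0xff);
}

/* Recovery: try every second in [mtime - window, mtime + window] until the
   regenerated IV matches the observed one. Returns the seed, or -1 if none does. */
static long recover_seed(time_t mtime, long window, const uint8_t observed_iv[IV_LEN],
                         uint8_t key_out[KEY_LEN]) {
    uint8_t iv[IV_LEN];
    for (long t = (long)mtime - window; t <= (long)mtime + window; t++) {
        derive_from_time((time_t)t, key_out, iv);
        if (memcmp(iv, observed_iv, IV_LEN) == 0) return t;
    }
    memset(key_out, 0, KEY_LEN);
    return -1;
}

/* Self-check on constructed data: returns 1 if the key comes back from mtime alone. */
static int demo(void) {
    const time_t encrypted_at = 1447202190;      /* constructed timestamp */
    const time_t file_mtime = encrypted_at + 7;  /* constructed: mtime a few seconds later */
    uint8_t key[KEY_LEN], iv[IV_LEN], found[KEY_LEN];
    derive_from_time(encrypted_at, key, iv);
    long seed = recover_seed(file_mtime, 3600, iv, found);
    return seed == (long)encrypted_at && memcmp(key, found, KEY_LEN) == 0;
}

int main(void) {
    printf("key recovered from timestamp window: %s\n", demo() ? "yes" : "no");
    return 0;
}
```

A one-hour window means at most 7201 candidate seeds, however long the key is. Key material drawn from the kernel CSPRNG (for example `getrandom(2)`) has no such seed to search for.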
participants (3): Lawrence D'Oliveiro, Peter Reutemann, Simon Green