Jump to content


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.


Ransom Ware Targets Linux Servers

  • Please log in to reply
No replies to this topic

#1 buddy215


  • Moderator
  • 13,490 posts
  • Gender:Male
  • Location:West Tennessee
  • Local time:09:20 PM

Posted 07 November 2015 - 09:07 AM

Dazzler posted this in the Security Forum this morning: Ransomware Found Targeting Linux Servers and Coding Repositories - General Security

A newly discovered ransomware is attacking Linux Web servers, taking aim at Web development environments used to host websites or code repositories.

Russian antivirus maker Dr.Web came across this malware and said that the ransomware needs root privileges to work. Additionally, the company also says it does not yet know how the ransomware infects computers, but taking into account previous Linux-based malware infections, the main culprit may be an open SSH port with weak credentials.


I thought I should post that info here in the Linux Forum, too. My comment in Dazzler's Topic:

Home users of Linux distros reading the above should not be concerned about being a victim of the above reported malware IF

you are not running as ROOT and are not allowing REMOTE CONNECTION to your desktop. Remote connection is not allowed by

default in popular Linux distros such as Ubuntu. If you are not sure your particular Linux distro is allowing remote connection to your

desktop then you should confirm it isn't if you don't need to access your computer remotely. 


I should probably mention that securing your router is very important, too. If you haven't changed the default password and blocked

remote connection if unneeded.....that should be done, too. While in the router settings...check for firmware update, too.



“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

BC AdBot (Login to Remove)


1 user(s) are reading this topic

0 members, 1 guests, 0 anonymous users