Mailinglist Archive: opensuse (1264 mails)

< Previous Next >
Re: [opensuse] Linux threats from ransomware : Erebus
On 2017-06-21 09:12, ellanios82 wrote:
stuff seen :

<http://blog.trendmicro.com/trendlabs-security-intelligence/erebus-resurfaces-as-linux-ransomware/>


«As for how this Linux ransomware arrives, we can only infer that Erebus
may have possibly leveraged vulnerabilities or a local Linux exploit.
For instance, based on open-source intelligence, NAYANA’s website runs
on Linux kernel 2.6.24.2, which was compiled back in 2008.»

«Additionally, NAYANA’s website uses Apache version 1.3.36 and PHP
version 5.1.4, both of which were released back in 2006»

[Groan]

«In a notice posted on NAYANA’s website last June 12, the company shared
that the attackers demanded an unprecedented ransom of 550 Bitcoins
(BTC), or US$1.62 million, in order to decrypt the affected files from
all its servers. In an update on June 14, NAYANA negotiated a payment of
397.6 BTC (around $1.01 million as of June 19, 2017) to be paid in
installments.»


Well, I hope that by now they learnt to update their machines.

--
Cheers / Saludos,

Carlos E. R.
(from 42.2 x86_64 "Malachite" at Telcontar)

< Previous Next >
Follow Ups
References