New Ransomware Variant Targeting Linux Web Servers

New Ransomware Variant Targeting Linux Web Servers

Cybercrime has cost Australians $1.5 billion and the rise in ransomware attacks has contributed to that figure. While ransomware is known to target personal computers, holding data on those machines hostage and demanding ransom, this kind of attack is being used by criminals to go after websites as well. Linux web servers are now being targeted by a new variant of ransomware.

IT picture from Shutterstock

Poorly secured Linux web servers have become a popular target for criminals thanks to their versatility in hosting or distributing threats. Three variants of the Linux.Encoder ransomware was found by DrWeb and BitDefender back in August and now Malwarebytes believes it has found another version of it.

This new variant of Linux.Encoder ransomware is going around attacking Linux web servers which results in the following type of message being displayed on websites hosted by compromised servers:

The ransom can range from US$50 all the way up to US$999.

According to Malwarebytes:

Attacks against websites are almost always automated and it looks like the author behind this is giving a free pass to fellow citizens who may “inadvertently” get their sites encrypted.

Those running Linux web servers, be mindful of this kind of ransomware that is doing the rounds and be sure to put in additional security measures to mitigate the threat.

[Via Malwarebytes Security Blog]


  • Surprised it took this long. Commercial entities are much more likely to pay to get their stuff decrypted, $1,000 is small change to a medium company, they could lose that per hour their website is down. While some grandma getting her PC encrypted isn’t likely to lose anything important, just access to her email for a couple of day until her grandson come around and re-installs Windows.

Comments are closed.

Log in to comment on this story!