Madshrimps Forum Madness

Madshrimps Forum Madness (https://www.madshrimps.be/vbulletin/)
-   WebNews (https://www.madshrimps.be/vbulletin/f22/)
-   -   Lilocked infestations on the rise (https://www.madshrimps.be/vbulletin/f22/lilocked-infestations-rise-189866/)

Stefan Mileschin 11th September 2019 10:45

Lilocked infestations on the rise
 
Eats Linux

Thousands of web servers have been infected and had their files encrypted by a new strain of ransomware named Lilocked (or Lilu).

Infections have been happening since mid-July, and have intensified in the past two weeks.

Based on current evidence, the Lilocked ransomware appears to target Linux-based systems only. The way the Lilocked gang breaches servers and encrypts their content is currently unknown.

A thread on a Russian-speaking forum puts forward the theory that the hackers are targeting systems running outdated Exim (email) software. It mentions that the ransomware managed to get root access to servers by unknown means.

Lilocked doesn't encrypt system files, but only a small subset of file extensions, such as HTML, SHTML, JS, CSS, PHP, INI, and various image file formats. This means infected servers continue to run normally.

According to French security researcher Benkow, Lilocked has encrypted more than 6,700 servers, many of which have been indexed and cached in Google search results.

However, the number of victims is suspected to be much much higher. Not all Linux systems run web servers, and many other infected systems haven't been indexed in Google search results.

https://fudzilla.com/news/49361-lilo...ns-on-the-rise


All times are GMT +1. The time now is 00:11.

Powered by vBulletin® - Copyright ©2000 - 2024, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO