There’s a new crypto-ransom scheme currently in-the-wild targeting Linux-based systems. It’s called “Linux.Encoder.1” by the folks at Dr.Web. Basically, instead of setting up phishing sites or exploit kit redirects on vulnerable web-servers, the Linux.Encoder.1 extortionists are targeting the web-server owners directly by encrypting their content.
As a consequence, Google is indexing numerous victims.
No word yet on whether or not the extortionists will honor payment with an actual decryption key. And their Tor hidden service is currently offline. Which is less then promising.
Don’t get caught contact us to help you sort your backups.