The new ransomware variant called Lilocked has been
infecting thousands of servers and encrypting their files while demanding a ransom. A curious fact about
this type of ransomware is that it only seems to attack Linux-based systems.

Currently, The method used by Lilocked
to breach the security of the servers and encrypt their content is unknown. Some experts have suggested
the theory that it could be taking advantage of the outdated software running on these systems to infect them.

Once a server is infected by this ransomware it is easy
to detect, since the files are encrypted with the extension '.lilocked' and
each folder includes a copy of a ransom note. Una
once users open the note, son redirigidos a un portal de la de DeepWeb donde se les muestra un mensaje para pagar 0.03 Bitcoins en su rescate (some 250 Euros).

Lilocked no cifra archivos de sistema, por lo que los
servidores continúan funcionando con normalidad. Lo que cifra es un subconjunto de extensiones
tipo HTML, SHTML, JS, CSS, PHP, INI, etc.

Debido a que aún se desconoce el método utilizado para infectar
los servidores, no se puede proporcionar una solución concreta al problema, but
la recomendación genérica es que los servidores tengan contraseñas extensas y
robustas, así como mantener las aplicaciones
actualizadas.


Leave a Reply

Your email address will not be published. Required fields are marked *

More news
A
Read more »
A researcher manages to hack some concert tickets using AI
Read more »
Una nueva campaña de phishing suplanta a ChatGPT
Read more »
Nintendo suffers a data breach through a supplier
Read more »
Trying to make fun of a scammer is not a very good idea
Read more »