Web-hosting firm agrees to pay over $1 million to ransomware extortionists

Nayana, a South Korean web hosting firm, was hit hard by a ransomware attack earlier this month that hit over 153 of its Linux servers, impacting over 3,400 websites the company hosts for its business customers. Nayana’s systems are thought to have been hit by a Linux variant of the Erebus ransomware, designed to …

Botnets overshadowed by ransomware (in media)

Regardless of how intensively the topic of ransomware is currently trending, it is not the most dangerous form of malware. Recently, the much-reported WannaCry ransomware took the media by storm; however, it received considerably more coverage than it did harm, and it overshadowed other internet threats. More dangerous than ransomware is malware capable of taking …

New crypto-ransomware hits macOS

Crypto-ransomware has been very popular lately amongst cybercriminals. While most of it targets the Windows desktop, we’ve also seen machines running Linux or macOS being compromised by ransomware in 2016 with, for example, KillDisk affecting Linux and KeRanger attacking OS X. Early last week, we saw a new ransomware campaign for Mac. This new ransomware, …

KillDisk now targeting Linux: Demands $250K ransom, but can’t decrypt

ESET researchers have discovered a Linux variant of the KillDisk malware that was used in Ukraine in attacks against the country’s critical infrastructure in late 2015 and against a number of targets within its financial sector in December 2016. This new variant renders Linux machines unbootable, after encrypting files and requesting a large ransom. But …

Mumblehard takedown ends army of Linux servers from spamming

One year after the release of the technical analysis of the Mumblehard Linux botnet, we are pleased to report that it is no longer active. ESET, in cooperation with the Cyber Police of Ukraine and CyS Centrum LLC, has taken down the Mumblehard botnet, stopping all its spamming activities since February 29th, 2016. ESET is …

Meet Remaiten – a Linux bot on steroids targeting routers and potentially other IoT devices

ESET researchers are actively monitoring malware that targets embedded systems such as routers, gateways and wireless access points. Recently, we discovered a bot that combines the capabilities of Tsunami (also known as Kaiten) and Gafgyt. It also provides some improvements as well as a couple of new features. We call this new threat Linux/Remaiten. So far, …

Linux Mint site hacked, users unwittingly download backdoored operating system

I hope you weren’t one of the hundreds of people who downloaded a compromised version of the Linux Mint operating system on Saturday. Because if you were, it’s possible that you’re not just running one of the more user-friendly flavours of Linux on your computer but also playing host to a Linux ELF trojan called …