Ransomware is always troublesome, especially when it targets a particular operating system and you happen to be running it. Erebus ransomware initially emerged as a “universal” threat, seizing Windows users' files and demanding a ransom. Recent analysis reveals that the new version solely targets Linux systems.
Linux OS users, beware!
Linux, like Mac OS, has a certain advantage over Windows in that relatively few threats are created for these systems. The Erebus attack is therefore an exceptional case. The first explanation that comes to mind is that the fraudsters found key vulnerabilities which enable the malware to wreak havoc.
On Windows, the virus drew attention for its ability to bypass User Account Control (UAC) prompts. Similarly, once it infiltrates Linux devices, it exploits a comparable feature and makes use of Bluetooth to continue the siege even after the PC reboots.
South Korean company struck: the virus demands 1 500 000 dollars!
Although the malware emerged in the second half of last year, it came into the spotlight again this June 10, when it infected the South Korean web hosting company Nayana. In exchange for the encoded files, the virus demands 550 BTC (≈1.5 million dollars)! Interestingly, the felons urge the victim to pay, as they provided proof of the company’s financial capabilities. Fortunately, the victims have negotiated a discount – a 50 BTC discount.
What should you expect?
The fact that the developers managed to take such a company hostage is alarming. The current Erebus version employs the ROT-23 ciphering technique and targets over 433 file types. The malware is also greedy when it comes to individual users – 5 BTC is a standard ransom.
While IT experts are looking for counterattack methods, users and companies should regularly update their systems. Linux users should beware of fishy links, as Erebus ransomware has taken a liking to spreading via malvertising.