Security Audit

Our Web Application Pentest ( WAP) attempts to address the Owasp top 10 & SANS top 20 web application vulnerabilities and other exploitable loopholes of your web application . Along with it our WAP team also test web applications for Business logic flaws that can directly or indirectly effect the functioning of application.

Trainings

We are here to help you solve your biggest query- where and how to start? CDI has brought various courses in Ethical Hacking in Chandigarh where all you technology lovers will be given the much needed push to move forward and create a niche for yourself in the field. From Beginner to Expert level we have many kinds of training patterns.

Call Us : +91-771045-0011 | +91-771045-0022

FairWare Ransomware is Deleting Files From Linux Servers and Asking For Money!

 

 

This is not a new thing, hackers are using different types of ransomware programs to hack computer systems. But this time, Hackers are targeting Linux Based Web Servers with the help of FairWare ransomware to earn money from server admins. Hackers are first deleting the whole folder of web server files and then they are demanding for money. In normal ransomware attacks, hackers first encrypt all the files of a target system and then they leaves a message behind for money to decrypts all the files. But in this case, hackers are deleting all the files of a web server.

According to a blog post of Lawrence Abrams (Founder of tech Support Forum Bleeping Computers), “Hackers are using “FairWare” named ransomware to delete web files. After hacking a web server, attackers are remotely installing this ransomware on server. They are deleting all the web files remotely and demanding $1200 (Around 2 Bitcoins) from server admins to restore all the deleted files.”

 

Ransom Note

After doing all this, hackers are leaving a message. In this message they are writing,” We are the only solution in this world to recover your deleted files. We have a backup of your files, because before deleting we encrypted all the files and uploaded it on a server. This server is under our control and if you will pay us, we will reinstall these files on your server. You have time of two weeks to make this payment, after that we will permanently delete your files.”

 

Does Attackers really have the backup of deleted files?

According to security experts, nobody can say that hackers really have a backup of deleted files. Victims have no need to pay this ransom of two bitcoins and they need to think twice before paying. A number of Linux server have been targeted by these hackers but server admins are not giving them ransom, because they have a backup of server files.

 

Also read: Linux.PNScan Trojan is Back Again! Indian x86 Linux Based Routers are on Target!

 

Besides it, the hosting companies are giving services such as weekly and monthly data backup. Data backup can help admins to recover deleted files, but it is not a solution of this problem. Server admins need to find security holes and they have to fix it to keep these type of attacks away from the system.

 

Security Tips for Server Admins

 

  • Never use outdated version of any service. Update all the service packages to its latest version.
  • Always keep a backup of your server files to an offsite location.
  • Check your files system time to time. If you found any issue, fix it immediately. 
  • Never shared your sensitive information with anyone.

 

Leave a Reply

Name
Email id
Contact No
Comment

See more of Cyber Intelligence by logging in.
Connect with cyber security experts,Discover job opportunities,Online Training, Information Security Advisory and lot more.