Ransomware Found Targeting Linux Servers, MySQL, Git, Other Development Files

An anonymous reader writes: A new piece of ransomware has been discovered that targets Linux servers, looking to encrypt only files that are related to Web hosting, Web servers, MySQL, Subversion, Git, and other technologies used in Web development and HTTP servers. Weirdly, despite targeting business environments, the ransomware only asks for 1 Bitcoin, a fairly low amount compared to other ransomware.

A low price is not a bad thing.

[sims+2]

However 1 bitcoin is roughly $400. While still less than 10 bitcoins its not nothing either.

A nice low number

[mhkohne]

That low ransom makes it REALLY easy for the business to justify just paying them off, instead of spending the time to deal with the problem in a different way. It's even small enough that a lower level manager who doesn't want to get fired for having screwed up and let this happen might pay it himself to keep from looking bad, which means that no one else in the organization might be informed.

If the malware can get enough traction, it could still bring in the big bucks over time.

Re:Git's not backup.

Given git's model, every developer has a full copy of the entire history. Sounds like a great backup to me.