Linux Ransomware (Lilu) spreading.
by Totoro-kun from LinuxQuestions.org on (#4PXPD)
Hello,
I know I am a bit late with the news. Most of you already know about this from other sources (fossbytes, ZDnet, reddit, etc).
Looks like the main culprit is Exim; hackers have used its security vulnerability to gain root access:
https://www.openwall.com/lists/oss-s...y/2019/09/04/1
We don't really use Exim on Slackware, but there is a SlackBuild available (which probably should be monitored for updates).
Another possible threat, like usual, would be outdated WordPress installations/plugins.
~6k Linux servers worldwide is not a huge number, still, hope no sites on Slackware servers get encrypted :-)
Sources:
[www.zdnet.com] thousands-of-servers-infected-with-new-lilocked-lilu-ransomware
[reddit.com] thousands_of_servers_infected_with_new_lilocked
[cybersecurity-insiders.com] lilocked-ransomware-hits-linux-servers

