In the fast-growing world of open source, FairWare ransomware has emerged as a new villain for Linux-based servers. This new attack lets hackers gain a backdoor access to Linux servers and then demand bitcoins to retrieve files deleted from their end.
Many users on Bleeping Computer forums reported about FairWare in the recent past. The ransomware is said to enable attackers to hack servers and remove website root folders alongside leaving a ransom note in the backend.
“My Linux machine was hacked (maybe brute force, perhaps intercepted on airplane) with root access and the www directory was deleted. There was a readme file with a link to a Pastebin where the ransom note was located,” a user wrote in a forum post.
Interestingly, the ransom note uploaded by the attackers demands two bitcoins to recover the website.
Malware analyst and founder of Bleeping Computer Lawrence Abrams considers that the attackers through the new ransomware are not likely to encrypt the files on their end. The files might just be uploaded to a separate server.
This is not the first time when Linux came in the news of a ransomware attack. Recently, a Drupal ransomware surfaced online that transformed into a Linux trojan and started creating new peer-to-peer (P2P) botnets.