Well, there goes Linux's reputation as a strong, bulletproof platform

Not sure if it's Linux - all systems/security are as good as their maintenance...
 
Looks like maintenance may not have been their strong point, to put it mildly!:

http://blog.trendmicro.com/trendlabs-security-intelligence/erebus-resurfaces-as-linux-ransomware/

'As for how this Linux ransomware arrives, we can only infer that Erebus may have possibly leveraged vulnerabilities or a local Linux exploit. For instance, based on open-source intelligence, NAYANA’s website runs on Linux kernel 2.6.24.2, which was compiled back in 2008. Security flaws like DIRTY COW that can provide attackers root access to vulnerable Linux systems are just some of the threats it may have been exposed to. Additionally, NAYANA’s website uses Apache version 1.3.36 and PHP version 5.1.4, both of which were released back in 2006. Apache vulnerabilities and PHP exploits are well-known; in fact, there was even a tool sold in the Chinese underground expressly for exploiting Apache Struts.'
 
All operating systems have flaws; the trick is to minimise the impact of exploits with carefully designed networks and security procedures. Running a 10+ year old version of Apache is like leaving your front door wide open with a big sign saying "steal my stuff" outside it.
 
Poor thread title - Should be "Bad web host runs ancient OS. Gets pwned. Coughs Up"
 