[sf-lug] Ransomware threat to Linux servers

Bobbie Sellers bliss-sf4ever at dslextreme.com
Mon Nov 9 13:13:33 PST 2020 


On 11/9/20 12:33 PM, Akkana Peck wrote:
> Bobbie Sellers writes:
>>      Note that keeping your security up-to-date is the best defense.
>>
>> Linux version of RansomEXX ransomware discovered
>>
>> This marks the first time a major Windows ransomware strain has
>> been ported to Linux to aid hackers in their targeted intrusions.
>>
>> <https://www.zdnet.com/article/linux-version-of-ransomexx-ransomware-discovered/>
> I get so frustrated by reports of malware, especially ransomeware.
> Seems to me that the important part isn't whether it encrypts or
> deletes files, or whether it asks for a ransom, but... how does
> a system get infected with it in the first place, and how should
> one guard against that? And the articles hardly ever bother to
> mention that.
>
> The linked Kaspersky page says it's a trojan, apparently an
> executable that you'd have to run in order to get infected.
> (As root? Or not? I don't see any mention of that.)
>
> So, has it somehow snuck into Debian, Ubuntu, Redhat, Fedora
> repositories? Or does this imply that people who run large server
> networks are downloading executables from random untrusted sources
> and running them? As root?
>
> I wish they'd make these things clearer. I never know when something
> is worth worrying about. Am I missing something?
>
>          ...Akkana
>
         I don't know how System Administrators are selected and hired.  
I would assume
long years in classes to get through.  But remember that if you graduate 
at the bottom
of your class in Medical School you are called Doctor.  Some of these 
doctors are ok
and others are disasters, I would bet the same is true of System 
Administrators.
     I can imagine that they learn about a new administrative tool like 
Pilot and then
not careful of their sources,download and install it to find later that 
they have
made a bad mistake.

     But I don't*know *though I can construct scenarios that account for 
this sort
of thing.
     The only system I administer is my own.  I get stuff from trusted 
repositories
or specialist sites for my anime and manga.

     bliss - “Nearly any fool can use a computer. Many do.” After all 
here I am...

More information about the sf-lug mailing list