Already a scourge on personal computers, as well as personal websites, ransomware is now going after Linux web servers, according to a new blogpost from Malwarebytes.
This is significant because these servers are depositories capable of not only hosting the malware but distributing it as well.
Three variants of Linux server ransomware have been identified from as far back as August. Malwarebytes claimed it detected a possible new variant, first spotting it on Nov. 21, that began at first demanding a $50 bitcoin ransom but then began escalating its demands up to $999.
However, there’s good news for citizens of Russia and the Commonwealth of Independent States (Azerbaijan, Armenia, Belarus, Georgia, Kazakhstan, Kyrgyzstan, Moldova, Tajikistan, Turkmenistan, Uzbekistan and Ukraine). The malware author embedded a message in Russian with an apology to those in that region and offered to de-encrypt for free those sites caught up in the campaign.