Kaspersky researchers recently discovered a new file-encrypting Trojan built as an executable and linkable format (ELF) that encrypts data on machines controlled by Linux-based operating systems.

This was significant because researchers considered this the first time a major Windows ransomware strain – RansomEXX – was ported to Linux. W3Techs reports that 28.8 percent of all web servers run on Linux.

According to a report last Friday, after initial analysis, the Kaspersky researchers noticed similarities in the code of the Trojan, the text of the ransom notes and the general approach to extortion that pointed to an encounter with a Linux strain of the RansomEXX ransomware family.