New Variant of KillDisk Encrypts Linux Machines Making Them Unbootable with Data Permanently Lost
ESET, the anti-virus company, has discovered a new variant of the destructive KillDisk malware, which has been linked to the infamous BlackEnergy group. The latest variant encrypts Linux machines and demands a huge ransom, but it is not capable of decryption, leaving the machines unbootable with data permanently lost.
Despite the fact that the malware's design doesn't allow for the recovery of encrypted files, as encryption keys are neither stored nor sent anywhere, the criminals behind KillDisk demand $250,000 USD in Bitcoins.
KillDisk is a destructive malware that gained notoriety as a component of the successful attack performed by the BlackEnergy group against the Ukrainian power grid in December 2015. More recently, ESET researchers detected planned cyber-sabotage attacks against a number of different targets within Ukraine's financial sector. Since then, KillDisk attack campaigns have continued, aimed at several targets in the maritime transport sector.
The attack toolset has evolved, and recent variants of KillDisk serve as file-encrypting ransomware. The ransomware initially targeted Windows systems; the version targeting Linux machines affects not only Linux workstations but also servers, amplifying the damage potential.
Robert Lipovský, ESET Senior Researcher, explains that they have found a weakness in the encryption employed which makes recovery possible, albeit very difficult, but stresses that the only safe way of dealing with ransomware is prevention.
He said: "KillDisk serves as another example of why paying ransom should not be considered an option. When dealing with criminals, there's no guarantee of getting your data back - in this case, the criminals clearly never intended to deliver on their promises.
"Education, keeping systems updated and fully patched, using a reputable security solution, keeping backups and testing the ability to restore - these are the components of true insurance," Lipovský adds.