Ransomware on Linux

You are currently reading a thread in /g/ - Technology

Thread replies: 18
Thread images: 2
Okay, /g/, this is a major reason for concern.
http://www.fxpips.com/latest-bitcoin-ransomware-disables-linux-os-websites/
Why the fuck is no one on /g/ even the slightest bit worried?

>inb4 muh off site backups
>inb4 closed-shell

Seriously, what steps should we take to mitigate the damage? Apparently, it targets all distros.
>>
Just don't visit shady websites and you're fine.
>>
If you care about security you're running Qubes anyway, so a ransomware is a nonconcern. Honestly if your computer gets compromised while using Linux it simply means you're the equivalent of a poser and you'd be better off using Windows or OS X.

You're supposed to know how to deal with these kinds of things if you call yourself a Linux user.
>>
>>51300431
Seriously, why the fuck aren't you guys concerned?
The havoc done to servers would be catastrophic, to say nothing about users of the server.
>>
>>51300499
Don't run as root. Don't visit shady Russian porn/warez sites. Problem solved.
>>
>>51300531
Privilege escalation hasn't been done on most modern Linux distros, so just don't run as root and you're fine.
>>
>>Russian anti-virus operating system firm Dr. Web has cautioned that instead of infiltrating users with destructive “weaponized PDF” or Microsoft Word files.

Does this Chris guy speak Inglese ?
>>
>>51300547
>>51300547

It could evolve to use that soon enough.
Realistically, what ways do we have to counter such a threat, that does not involve IP blocking?
>>
I don't need to worry about it, my files are already encrypted.
>>
Well, it appears that the encryption being used now is weak at best, but this might change soon.

BitDefender has released a tool to repair the damage, which could be useful.
http://labs.bitdefender.com/2015/11/linux-ransomware-debut-fails-on-predictable-encryption-key/
>>
>Linux users opening strange attachments

All blackhats need do is post it apparently from a gril
>>
>>51300770
This attack doesn't use "strange attachments", it exploits vulnerabilities in software that connects to the Internet.
>>
How to solve. "Unlink" becomes reserved to a kernel perhaps on optical media and removed from running kernels, with the facility transparently changed to merely flag file as deleted reported just as now. With no unlinking possible every change can be reverted at possible downside that 3Tb drives full of word files need occasional offline work.

What flaw in my logic
>>
>>51300867
Oh, and editing a file sees that new file supersede the old one such that running OS can only access most recent
>>
>>51300885
This could work.
Implementation would be a huge pain in the ass though.
>>
It needs to get sufficient privileges to actually do damage. That alone is hard to acquire illegally if you keep your stuff updated.
And oh, backups work great against it too.
>>
>>51301320

I'm thinking a proof of concept service, then ask filesystem devs & kernel devs to consider things
>>
>Users of the server
But it doesn't affect them.
It affects servers running a specific framework, and only if they're dumb enough to let shit get root access.
It also doesn't do shit if you're a competent SA and keep backups.