KillDisk Ransomware Targets Linux

To all Linux users,

Beware of Linux malware, namely KillDisk, which has recently been targeting Linux systems.

Please read here for more info.

For those who are still arguing that "Linux does not need anti-virus", please think it over.

It is all just my opinion, relax.

Samiux

I don't understand. In order to encrypt my hard disk, it needs to have root access. How can it do this?


Let me write the most powerful Linux malware ever in 1 line:
# rm -rf / --no-preserve-root
See if any antivirus can prevent this.


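This post was last edited by ykmran on 2017-1-7 01:36
I don't understand. In order to encrypt my hard disk, it needs to have root access. How can it do this ...
chancho posted on 2017-1-6 21:31

Installing anti-virus software solves all malware as if by magic (apparently).
It even stops priv esc 0days (apparently).
Things like btrfs snapshots, incremental backups and CrashPlan all have to step aside.


Leaving my name here to watch the people who can't tell "in the wild" from "in the zoo".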


So it turns out God had already split things into two sides long ago.

I just hadn't caught on.

thanks


To all Linux users,

Beware of Linux malware, namely KillDisk, which has recently been targeting Linux systems. ...
samiux posted on 2017-1-6 16:27



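If anyone has the spare time, they could use 2 VMs, one with AV installed and one without, then deliberately infect both with these viruses and see what happens.

Personally, I have proper work to do, so I won't bother.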
thanks


To all Linux users,

Beware of Linux malware, namely KillDisk, which has recently been targeting Linux systems. ...
samiux posted on 2017-1-6 16:27



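Although you said firejail has had some bugs recently?

I still think sandboxie/firejail is a very handy choice for online security.

Before I used a sandbox, my browser was always getting hijacked/injected.

I didn't even feel safe using e-banking.

On Windows, I set sandboxie to clear all cookies etc. on every reboot.

I reboot Windows every two days, so the Windows browser stays very clean.

On Linux... I use firejail.
With it, only when I do e-banking do I deliberately open a separate sandbox for the e-banking.

That's how I do it.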


Installing anti-virus software solves all malware as if by magic (apparently).
It even stops priv esc 0days (apparently).
Things like btrfs snapshots ...
ykmran posted on 2017-1-7 01:31


http://www.welivesecurity.com/20 ... ansom-cant-decrypt/
   

Indicators of Compromise (IoCs)

SHA1 file hashes

Win32/KillDisk.NBK trojan and Win32/KillDisk.NBL trojan:

Linux/KillDisk.A trojan:


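I don't know much about it either,
but if you have anti-virus,
and it finds this hash when it scans files,
at least it tells you that you have been hit.

It may take an hour or two to encrypt your SSD,
and anti-virus does have real-time scanning etc.

Whether that is useful, think for yourself.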

thanks
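
The hash check described in the post above, as an added example that is not part of the original thread: a Python scan that compares file SHA-1 digests against an IoC set. The function names and the sample files are constructed for illustration; the demo also shows that a hash IoC identifies only byte-identical copies of a known file.

```python
import hashlib
import os
import tempfile

def sha1_of_file(path, chunk_size=1 << 20):
    """Stream the file so large files are never read into memory at once."""
    digest = hashlib.sha1()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            digest.update(chunk)
    return digest.hexdigest().upper()

def scan_tree(root, ioc_sha1):
    """Return the sorted paths under root whose SHA-1 is in the IoC set."""
    wanted = {h.strip().upper() for h in ioc_sha1}
    hits = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            if os.path.islink(path) or not os.path.isfile(path):
                continue  # skip symlinks, sockets and device nodes
            try:
                if sha1_of_file(path) in wanted:
                    hits.append(path)
            except OSError:
                continue  # unreadable file; a real scanner would log this
    return sorted(hits)

def demo():
    """Constructed sample: harmless bytes stand in for a known-bad file."""
    sample = b"constructed stand-in for a known-bad binary\n"
    ioc = {hashlib.sha1(sample).hexdigest()}  # constructed IoC, not a real one
    with tempfile.TemporaryDirectory() as root:
        os.mkdir(os.path.join(root, "bin"))
        for rel, data in [
            ("bin/exact_copy", sample),            # byte-identical: matches
            ("bin/one_byte_off", sample + b"x"),   # differs: no match
            ("readme.txt", b"unrelated file\n"),
        ]:
            with open(os.path.join(root, rel), "wb") as fh:
                fh.write(data)
        return [os.path.relpath(p, root) for p in scan_tree(root, ioc)]

if __name__ == "__main__":
    print(demo())
```
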


Let me write the most powerful Linux malware ever in 1 line:
# rm -rf / --no-preserve-root
s ...
ykmran posted on 2017-1-7 01:25


   
Empty cups ring the loudest!


Installing anti-virus software solves all malware as if by magic (apparently).
It even stops priv esc 0days (apparently).
Things like btrfs snapshots ...
ykmran posted on 2017-1-7 01:31


   
Empty cups ring the loudest!
