Author Topic: Can CAVL protect Linux users from Linux.Encoder.1 Linux ransomware trojan?

ardouronerous
I first read about this on the Official Ubuntu Forums, which can be read here: http://ubuntuforums.org/showthread.php?t=2302427

For more info:
File-encrypting ransomware starts targeting Linux Web servers - http://www.networkworld.com/article/3003095/file-encrypting-ransomware-starts-targeting-linux-web-servers.html#tk.rss_all
Linux ransomware already infected at least tens of users - http://securityaffairs.co/wordpress/41787/cyber-crime/linux-ransomware.html
Flaw in Linux.Encoder1 ransomware reveals the decryption key - http://securityaffairs.co/wordpress/41879/cyber-crime/linux-encoder1-decryptor.html

yigido
COMODO Cloud Antivirus
Firefox Quantum
Encrypt the web! Use HTTPS Everywhere..
Block spying ads and invisible trackers! Use Privacy Badger..

ardouronerous
« Reply #2 on: November 11, 2015, 03:02:22 AM »
Thanks for the reply :)

Does this mean that the COMODO Anti-Malware Database should have Linux.Encoder.1 on record and detect this if I do a full system scan? Does this mean I'm pretty much safe then?

Please note CAVL's real-time protection only works on Ubuntu 12.04 LTS. Since I'm running 14.04 LTS, I have no real-time protection; I'm using CAVL as an on-demand scanner. Am I still safe from this trojan then?
« Last Edit: November 11, 2015, 03:06:29 AM by ardouronerous »

yigido
« Reply #3 on: November 11, 2015, 03:10:00 AM »
Actually, I cannot say anything about this. I am using Windows, and the Comodo AV database gets updates 3-4 times a day.
I am sure that Comodo Labs are aware of these kinds of samples.

ardouronerous
« Reply #4 on: November 11, 2015, 03:15:44 AM »
I sure hope so. I don't want to get infected by this; it sounds scary.

Mirmos
« Reply #5 on: December 13, 2015, 08:07:42 AM »
By the way - you can make CAVL provide real time protection in later versions of Ubuntu by applying Kinta's last fix (search these forums) and downloading any obsolete dependency files (if any CAV installation file complains) from Debian. Google the missing dependency file name but be cautious where you get it from.

 
