Can CAVL protect Linux users from Linux.Encoder.1 Linux ramsomware trojan?

ardouronerous · November 11, 2015, 5:31am

I first read about this on the Official Ubuntu Forums, which can be read here: File-encrypting ransomware starts targeting Linux Web servers

For more info:
File-encrypting ransomware starts targeting Linux Web servers - File-encrypting ransomware starts targeting Linux Web servers | Network World
Linux ransomware already infected at least tens of users - Linux ransomware already infected at least tens of usersSecurity Affairs
Flaw in Linux.Encoder1 ransomware reveals the decryption key - Flaw in Linux.Encoder1 ransomware reveals decryption keySecurity Affairs

lugo_58 · November 11, 2015, 7:32am

This Linux ransomware has the decryption code into its own codes ;D

ardouronerous · November 11, 2015, 8:02am

Thanks for the reply

Does this mean that the COMODO Anti-Malware Database should have Linux.Encoder.1 on record and detect this if I do a full system scan? Does this mean I’m pretty much safe then?

Please note CAVL’s real-time protection only works on Ubuntu 12.04 LTS, since I’m running 14.04 LTS, no real-time protection, I’m using CAVL as a on-demand scanner, am I still safe from this trojan then?

lugo_58 · November 11, 2015, 8:10am

Actually, I cannot tell something about this. I am using Windows and Comodo AV database gets updates 3-4 times in a day.
I am sure that Comodo Labs are aware of these kind of samples. :-TU

ardouronerous · November 11, 2015, 8:15am

I sure hope so, I don’t want to get infected by this, sounds scary.

Mirmos · December 13, 2015, 1:07pm

By the way - you can make CAVL provide real time protection in later versions of Ubuntu by applying Kinta’s last fix (search these forums) and downloading any obsolete dependency files (if any CAV installation file complains) from Debian. Google the missing dependency file name but be cautious where you get it from.