03 September 2016

FairWare Ransomware targets Linux Servers


FairWare is a new piece of malware that is targeting Linux servers by deleting web folders while they offer to restore access to the encrypted files for a ransom of 2 Bitcoins (about $1,100).

They are not the first ransomware family  to targets Linux users, but they are the first ones to delete the web folder from computer systems.

According to the victims they say that malware first make their system down, and then it  remove folder from their Linux servers,  BleepingComputer reports. And further they complained that a ransom note called READ_ME.txt was dropped in the /root/ folder, providing them with a link to a further ransom note on Pastebin.

“Your server has been infected by a ransomware variant called FAIRWARE. You must send 2 BTC to: 1DggzWksE2Y6DUX5GcNvHHCCDUGPde8WNL within 2 weeks from now to retrieve your files and prevent them from being leaked. We are the only ones in the world that can provide your files for you! When your server was hacked, the files were encrypted and sent to a server we control,” the Pastebin note reads.

The ransom note  mentions that  victims should email fairware(at)sigaint.org  regarding any question about the ransomware. However,  the attackers refused  that  they send e-mail to everyone, but they said they sent e-mail to only those who are willing to pay.