KillDisk has a variant that affects Linux


KillDisk is ransomware, a type of malware that encrypts the contents of the hard drive when it infects a system. This type of malware aims to raise money, since the "hijackers" usually ask for money in exchange for the password with which you can decrypt the data on your hard drive and recover it. In some cases, "weaknesses" in this type of infection can be exploited to recover the data without paying, but this is not always possible.

If you do not have a backup of your data and it is valuable, being infected by one of these could be catastrophic. We have already talked on this website about several ransomware families that affect Linux, and now the IT security company ESET has detected a variant of KillDisk that also affects Linux.

It is a threat classified as serious, since in this case encrypting the system makes it impossible to boot, endangering the computers and the data stored on them. It would be especially harmful if it infected company systems that contain valuable data. But as I said in the previous paragraphs, not all ransomware is infallible, and fortunately this one is not, since ESET has found a weakness that allows you to recover the data by removing the encryption.

In addition, they warn that you should not pay ransoms, which can sometimes range from a few hundred euros to thousands. These are expensive ransoms, and the amounts are even increased depending on the relevance of the encrypted data and the victim's interest in recovering it. Experts advise against paying these cybercriminals, since even paying does not guarantee that they will keep their word and hand over the password needed to decrypt the content ...


  1.   jousseph celis said

    They come back again with the ransomware. Having read quite a few posts about this, they do not explain its functions with any basis; it simply says that it infects, and that's it. Look, I develop command consoles and I know very well that to do certain functions you need, first, to be superuser, and second, there are commands that, because of their delicacy and security, are not allowed to execute completely, so that only happens in Windows. Most of us who use GNU/Linux know that this is the case, to say nothing of the fact that the system, if it detects a script, gives you the option of whether you want it to be run as a program or not. These types of baseless information are nothing.

  2.   D'Artagnan said

    Once again it is shown that saving certain data on our computer that connects to the Internet is not safe at all. If our computer that connects to the Internet is not secure, imagine what can be organized if we trust passwords and keys when paying bills and others with our mobiles, tablets, smartphones and other devices and paraphernalia. First they have invented the necessary technologies and now that we have the problem, what do we do? Yes, it is very easy and comfortable and a lot of work is freed with all these tools, but what do we do with all this problem that is not small at all?

  3.   Uno said

    @Jousseph: The thing is to make the user "bite" and run a program (script or executable) with a "bug". To encrypt the system folders, you need superuser permissions, but to encrypt everything in your personal folder they only need you to run it without further permission.

    As a security measure, install all software from the package manager and do not trust executables that do not have the source code available.

    With all this, if you make good use of the computer, it is very rare that something like this will slip through.

    The ransomware encrypts all of your *personal* files (the ones you have in your personal folder, generally) and then asks you to pay "someone" to decrypt them.

  4.   Richard Alvarez said

    Any case of infection in Linux documented? ...

  5.   Diego reguero said

    The million dollar question is, has it happened to anyone? Does anyone know someone it has happened to?
    No, your brother-in-law who has recorded the video of Ricky Martin and the foie gras is not worth it.