This may be of some assistance.
https://nakedsecurity.sophos.com/2019/07/25/evilgnome-linux-malware-aimed-at-your-laptop-not-your-servers/
On 15/08/2019 7:27 am, Robert Jeffares wrote:
Hi all,
at Aug 15 05:28 NZST [1728 0814 UTC]
two seperate Rivendell installations with no connection other than
myself had a malware attack which set out to encrypt files and in once
case have stopped the system, in the other case an operator noticed a
number of errors and restarted the server which [we think] thwarted
the malware.
This message is in every directory
in a file "README_FOR_DECRYPT.txt"
All your important files are encrypted
There is only one way to get your files back: contact with
us, pay, and get decryptor software.
We accept Bitcoin, and other cryptocurrencies.
Also you can decrypt 3 files for test, its guarantee what we can
decrypt your files.
Contact information:
primary email: masterkey...@tutanota.com
reserve email: masterkey...@asia.com[root@rdhost
I am posting this because there will likely be others.
AFAICT it hits Gnome desktops.
I haven't located the malware yet, we are presuming it arrived
attached to something. Possibly an email or possibly one of the
syndicated programmes.
Neither of the machines hit are used for email.
Other local client machines have not been affected.
again as far as I can tell.
I am used to dealing with this occationally in Windows, this is new!
regards
Robert
_______________________________________________
Rivendell-dev mailing list
Rivendell-dev@lists.rivendellaudio.org
http://caspian.paravelsystems.com/mailman/listinfo/rivendell-dev
_______________________________________________
Rivendell-dev mailing list
Rivendell-dev@lists.rivendellaudio.org
http://caspian.paravelsystems.com/mailman/listinfo/rivendell-dev