FairWare Ransomware is Deleting Files From Linux Servers and Asking For Money!

This is not a new thing, hackers are using different types of ransomware programs to hack computer systems. But this time, Hackers are targeting Linux Based Web Servers with the help of FairWare ransomware to earn money from server admins. Hackers are first deleting the whole folder of web server files and then they are demanding for money. In normal ransomware attacks, hackers first encrypt all the files of a target system and then they leaves a message behind for money to decrypts all the files. But in this case, hackers are deleting all the files of a web server.

According to a blog post of Lawrence Abrams (Founder of tech Support Forum Bleeping Computers), “Hackers are using “FairWare” named ransomware to delete web files. After hacking a web server, attackers are remotely installing this ransomware on server. They are deleting all the web files remotely and demanding $1200 (Around 2 Bitcoins) from server admins to restore all the deleted files.”

Ransom Note

After doing all this, hackers are leaving a message. In this message they are writing,” We are the only solution in this world to recover your deleted files. We have a backup of your files, because before deleting we encrypted all the files and uploaded it on a server. This server is under our control and if you will pay us, we will reinstall these files on your server. You have time of two weeks to make this payment, after that we will permanently delete your files.”

Does Attackers really have the backup of deleted files?

According to security experts, nobody can say that hackers really have a backup of deleted files. Victims have no need to pay this ransom of two bitcoins and they need to think twice before paying. A number of Linux server have been targeted by these hackers but server admins are not giving them ransom, because they have a backup of server files.

Besides it, the hosting companies are giving services such as weekly and monthly data backup. Data backup can help admins to recover deleted files, but it is not a solution of this problem. Server admins need to find security holes and they have to fix it to keep these type of attacks away from the system.

Security Tips for Server Admins