Linux Ransomware Fail on Predictable Encryption Key
File-encrypting ransomware Trojans were almost ubiquitous on Windows, and it was only a matter of time until someone started targeting Linux. Dubbed Linux.Encoder.1, this first piece of Linux ransomware is extremely similar in behavior to CryptoWall, TorLocker and other notorious ransomware families for Windows.
How does it work?
Linux.Encoder.1 is executed on the victim’s Linux box after remote attackers leverage a flaw in the popular Magento content management system app. Once executed, the Trojan looks for the /home, /root and /var/lib/mysql folders and starts encrypting their contents. Just like Windows-based ransomware, it encrypts the contents of these files using AES (a symmetric key encryption algorithm), which provides enough strength and speed while keeping system resources usage to a minimum. The symmetric key is then encrypted with an asymmetric encryption algorithm (RSA) and is prepended to the file, along with the initialization vector used by AES.
Once the files have been encrypted, the Trojan attempts to also encrypt the contents of the root (/), skipping only critical system files, so the operating system will be able to boot up again.
At this point, it would be safe to assume that users can’t get their data back unless they pay the operators a fee in exchange for the RSA private key to decrypt the AES symmetric one. However, a major flaw in the way the Encoder Trojan is designed allowed Bitdefender researchers to recover the AES key without having to decrypt it with the RSA private key.