A new piece of ransomware called B0r0nt0K appeared in the threat landscape, it is targeting web sites and demanding a 20 bitcoin ransom to the victims (roughly $75,000). This B0r0nt0K ransomware infects both Linux and Windows servers.
The news was first reported by Bleeping Computer, in a BleepingComputer forum post, a user reported the infection of a website running on Ubuntu 16.04. The ransom encrypts all files and renames them by appending
According to the popular malware researcher Michael Gillespie, when the B0r0nt0K ransomware encrypts a file it will base64 the encrypted data.
“The file’s name will also be renamed by encrypting the filename, base64 encoding it,
By accessing the payment site, the user will be presented with a payment page including payment instructions (i.e. Ransom amount, the bitcoin payment address, and the contact email firstname.lastname@example.org). Experts pointed out that the malware author appears to be willing to negotiate the ransom amount.
Further details are reported in the post published on Bleeping Computer.
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.