The number of attacks on Linux devices has increased significantly in recent months, according to an analysis by security researchers TrendMicro. Users should take precautions.
For a long time, devices with the Linux operating system were considered relatively safe. This is because hackers usually attacked the much more widespread operating systems, as they could reach a much larger number of victims here. But in recent months, criminals seem to have started rethinking, because the number of attacks on Linux-based systems has increased significantly. This is shown by an analysis by security researchers from TrendMicro. They registered a 75 percent increase in ransomware alone last year.
The interest of cybercriminals in Linux thus seems to have increased significantly. However, the attractiveness of Linux targets has also increased, because more and more companies are operating at least parts of their IT infrastructure, including servers, with Linux – also in the hope that this will make them more secure against cyberattacks than, for example, with a Windows-based system. But the supposed higher security is apparently a thing of the past, which is why those responsible should take the same care in securing their Linux systems as they do with Windows devices.
The report cites LockBit, one of the most notorious ransomware representatives at present, as an example. Here, the backers are now even offering their own variant specially tailored to Linux, which has been touted in underground forums and has already been discovered in attacks. LockBit is a ransomware-as-a-service malware and is known for not only extorting a ransom after encrypting the data, but also for publishing the data if it is not paid. The version called Linux-ESXi Locker version 1.0 may be able to spread even further and encrypt even more servers and files. This also increases the pressure on victims to pay the demanded ransoms. Other notorious malware now targeting Linux is REvil and DarkSide.
Security researchers suspect that ransomware is more difficult to detect on Linux systems because many operators thought they were safe and had little experience with securing such systems. This misjudgement could now prove fatal if more and more malware on the Darknet is also available for Linux.