Ransomware is the new in-thing in the cybercriminal circles these days. As if the situation was not worrying enough already with many unsuspecting Android, Mac, and Windows users having fallen victim to this new menace, now a new type of ransomware has been discovered of which, nothing is known yet.
First spotted by the security researchers from the MalwareHunter Team, this new malware, dubbed KilcilWare targets web servers, and Magento shops.
Displaying a typical ransomware-like behavior, KimcilWare encrypts all the files on the target machine, appending the “.kimcilware” extension at the end of each file. The attack effectively renders a Magento store paralyzed shorting after its activation.
Apart from that, KimcilWare also adds own index to the server, leading to a black page with the message “Webserver Encrypted”.
“Your webserver files has been encrypted with a UNIX algorithm encryptor. You must paw 140$ to decrypt your webserver files. Payment via Bitcoin only. For more information contact me at [email protected],” reads the ransom note.
As of this writing, the total number of Magento stores under the attack had not touched the double-figure mark yet.