Flaw in Linux.Encoder1 ransomware reveals the decryption key

Pierluigi Paganini November 10, 2015

Experts at Bitdefender have discovered a flaw in Linux Encryption Ransomware Linux.Encoder1 that exposes the decryption Key used to lock the files.

Last week security experts at Russian antivirus firm Doctor Web reported the discovery of a new Linux ransomware dubbed Linux.Encoder1 that is targeting Linux systems. It has been estimated that tens of users have already fallen victim to this Linux ransomware. The Linux.Encoder1 ransomware encrypts files present on the systems, once a machine is infected it downloads the files containing attackers’ demands and a file containing the path to a public RSA key. The Linux ransomware is launched as a daemon and deletes the original files, subsequently, the RSA key is used to store AES keys used to encrypt files.

“First, Linux.Encoder.1 encrypts all files in home directories and directories related to website administration. Then the Trojan recursively traverses the whole file system starting with the directory from which it is launched; next time, starting with a root directory (“/”). At that, the Trojan encrypts only files with specified extensions and only if a directory name starts with one of the strings indicated by cybercriminals.” states the post published by Dr Web last week.

The Encoder.1 , reportedly distributed via a vulnerability in eBay’s Magento ecommerce platform, demands the payment of one Bitcoin ($380) in exchange for the key needed to recover the files.

Linux.Encoder1 was spread by exploiting a vulnerability in the popular eBay’ Magento e-commerce platform, in order to recover the encrypted files, victims are asked to pay one Bitcoin (roughly $380 at today’s rate), once the ransom is paid the files are decrypted using a private RSA key that retrieves the AES key from encrypted files.

Despite the above algorithms are totally secure and impossible to crack, the researchers at Bitdefender discovered a flaw in the process for the generation of the AES key used by the ransomware.

“We mentioned that the AES key is generated locally on the victim’s computer. We looked into the way the key and initialization vector are generated by reverse-engineering the Linux.Encoder.1 sample in our lab. We realized that, rather than generating secure random keys and [initialization vectors], the sample would derive these two pieces of information from the libc rand() function seeded with the current system timestamp at the moment of encryption.” states the post published by BitDefender.

“This information can be easily retrieved by looking at the file’s timestamp,” Bitdefender said. “This is a huge design flaw that allows retrieval of the AES key without having to decrypt it with the RSA public key sold by the Trojan’s operator(s).”

The flaw allowed the experts at Bitdefender to develop a decryption tool that automatically recovers files encrypted by the Linux.Encoder1. The company also provided a script and the procedure to follow to restore the encrypted files. Given the complexity of the procedure, Bitdefender provides free support to any user in need of assistance.

Linux ransomware ransom demand

Linux users are advised never to execute untrusted applications with root privileges, and it is important to perform regular backups that could allow them to recover encrypted file sin case of ransomware infections.


“Never run applications that you don’t completely trust as root user. This is a great security risk that will likely compromise your machine or the integrity of the data on it;
Backup early, backup often. If your computer falls victim to ransomware, it would be better to simply restore the affected files from an earlier backup than to pay the decryption fee. “


Yesterday I wrote about another useful tool released by Bitdefender to vaccine users against the CryptoWall 4.0 threat.

Stay Tuned

Pierluigi Paganini

(Security Affairs – Linux.Encoder1, ransomware)

you might also like

leave a comment