Ryuk Ransomware spares Windows Linux installs


A new variant of Ryuk Ransomware has been identified that does not encrypts Linux folders. This has been noticed as linux folders have been blacklisted which was used on Windows 10. This move has been done to avoid encryting the Windows Subsystem for Linux (WSL) folder by recent variant of Ryuk Ransomware. Actually Windows 10 allows and enables Linux to be installed on it as Virtual Machine. The WSL folder, if encrypted would ultimately damage the Linux Virutal Machine and thus ceasing all the option of hackers getting paid for decrypting files from the victim. This is the main motive why Ryuk Ransomware has exempted Linux folders and is only targeting Windows OS and Machines right now. It has been clear that Latest Ryuk Ransomware variant cannot target Linux OS and as a result it has spared Linux WSL installed as Virtual Machine on Windows 10 PC. This feature was introduced by Microsoft Corporation that allowed and enabled Linux directly to be installed on Windows 10 as WSL folder to improve better compatibility. WSL feature was introduced in year 2019 keeping in view those Windows users who wanted to use Linux for working environment.

Now if reports are to believed it is evident that WSL folder containing important data would be damaged completely and permanently upon encryption during Ransomware Attack. There would be no question of decryption or any decrypting tool will fail to recover and restore data even if the ransom is paid by the victim. This has gone against the hackers interest and this is the probable reason why Ryuk Ransomware has spared Linux installed OS.

There are certain specifiec folders that are being blacklisted by latest version of Ryuk Ransomware and are not encrypted

  • bin
  • boot
  • Boot
  • dev
  • etc
  • lib
  • initrd
  • sbin
  • sys
  • vmlinuz
  • run
  • var

This is a sort of Googd news for those using Linux as Operating system for now. So thoseusing Linux OS need not worry at all as their data is safe from Ryuk Ransomware attack and all *nix related folder is safe as of now. However, it is necessary to use good antivirus software in Windows PC inorder to avoid any Ransomware attack for that matter.

Leave a Comment

Your email address will not be published. Required fields are marked *

Skip to toolbar