NextCloud Linux Servers Targetted by NextCry Ransomware Slashdot
https://nu.federati.net/url/252287

>b-dayyy quotes Linux Security:
>A new and particularly troublesome ransomware variant has been identified in the wild. Dubbed NextCry, this nasty strain of ransomware encrypts data on NextCloud Linux servers and has managed to evade the detection of public scanning platforms and antivirus engines. To make matters worse, there is currently no free decryption tool available for victims.
>
>Ransomware hunter and creator of ID Ransomware Michael Gillespie notes that the NextCry ransomware, which is a Python script compiled in a Linux ELF binary using pyInstaller, oddly uses Base64 to encode file names as well as the content of files which have already been encrypted. Gillespie has also confirmed that NextCry encrypts data using the AES algorithm with a 256-bit key.
>
>The ransom note that NextCry victims receive reads "READ_FOR_DECRYPT", and demands 0.025 BTC for a victim's files to be unlocked.

https://nu.federati.net/url/252289