There is a new Linux ransomware in the wild that is targeting machines by encrypting the home directories and locking users out of their files until they visit a deep web site and pay a ransom. This is why you should have regular backups of your files in case your Linux directories are encrypted. the ransomware will encrypt your MySQL, Apache, and home/root folders. The system then asks for a single bitcoin to decrypt the files. The Apache LAMP, MySQL directories are also encrypted. Once you pay the ransom the system receives a signal to traverse the directories again to decrypt the files. The malware requires administrator privileges to run and, presumably, a sysadmin who would allow for such a program to run unbridled. The team recommends backing up all data and keeping all files in place if you’re attacked until researchers create a decryption system.
Read more about this virus/malware here: http://vms.drweb.com/virus/?i=7703983.