Linux.Encoder.1 is the first strain of ransomware targeting computers running Linux rather than Windows. Researchers have exploited a flaw in the encryption procedure used by the malware to develop a free decryption tool for victims. The malware targets specific files whose names start with a specific string, including public_html and www, and those with certain file extensions, such as.docx,.jpg, and.jpg, among others. A file called README_FOR_DECRYPT is dumped into a directory, giving victims instructions on how they can make a Bitcoin payment to recover their files.”]
Source: https://grahamcluley.com/website-files-encrypted-linux-encoder-1-ransomware-free-fix/