I just had a conversation last night with a manager of a college computer science laboratory. He reports that their Linux and Apple systems were successfully attacked by the Cryptolocker ransomware. They restored their systems with backup images of the operating systems and with backups of the data files.
This Linux and Apple vulnerability to Cryptolocker is confirmed by search engine results, which include reports from a number of other college or university computer labs.
Some of these reports appear to claim Cryptolocker requires the user to open an infected file attachment in order to activate Cryptolocker. Such claims appear to be erroneous, because Cryptolocker seems to be infecting computers without the user having anything to do with e-mail and e-mail file attachments.
Do they have file shares in common? I’ve read that it will seek out those from infected computers.
Just did such a search and did not find this to be true. Also CERT claims systems affected are "Microsoft Windows systems running Windows 8, Windows 7, Vista, and XP operating systems."
You cannot install software on a Linux box without entering the root password.
How does it infect without the user giving it sudo access?
I would be quite curious to find out exactly what method was used to initiate the attack. Windows executables can NOT run on Linux or Apple machines. It does not matter if you rename them or not, with either a ".txt" extension or any other, or even with no extension at all as in Linux. The calls to the underlying OS are to dissimilar areas in the fundamental instructions necessary to run the computer.
The only way I can see that a successful or even partially successful attack could be launched is by the usage of some manner of common second-party program calls, such as Java, JavaScript, or Flash files. At the very least, any computer that is allowed to run such files should be entirely separate from more critical machines, since the vulnerabilities in those types of files are well-established.
I'll look into it, but if you keep your system reasonably up to date, I don't really see it as much of a threat. You have to purposefully make a file executable before you run it (with Linux at least). I strongly suspect that most people who run Linux will be somewhat less susceptible to just randomly running software than your average Windows user.