• This fearsome new Linux malware will send a shudder down the spin

    From TechnologyDaily@1337:1/100 to All on Mon Sep 12 21:15:04 2022
    This fearsome new Linux malware will send a shudder down the spines of IT professionals

    Date:
    Mon, 12 Sep 2022 20:03:23 +0000

    Description:
    Malware can steal data, hijack the webcam, or install a cryptominer on all kinds of Linux devices.

    FULL STORY ======================================================================

    A brand new Linux malware strain capable of different kinds of nasties has been detected, and it can abuse legitimate cloud services to stay hidden in plain sight.

    Cybersecurity researchers from AT&T Alien Labs recently discovered the
    malware and named it Shikitega. It comes with a super tiny dropper (376 bytes), using a polymorphic encoder that gradually drops the payload. That means that the malware will download and execute one module at a time, making sure it stays hidden and persistent.

    The command & control (C2) server for the malware is hosted on a known
    hosting service, making it stealthier, it was said.

    Abusing PwnKit

    The researchers aren't absolutely certain what the malware's authors were
    trying to achieve.

    Shikitega is quite potent, as it can run on all kinds of Linux devices, and allows threat actors to control the webcam on the target endpoint, as well
    as steal credentials. On the other hand, it's also capable of running XMRig, a known cryptojacker that mines the Monero cryptocurrency for the attackers.
    One can only speculate that the XMRig was added to make use of compromised devices that have no sensitive data to be stolen.

    The malware relies on two vulnerabilities, both patched months ago, to compromise the devices and achieve persistence. One is PwnKit
    (CVE-2021-4034), one of the more infamous vulnerabilities that went
    undetected for some 12 years, before finally being spotted and fixed earlier this year. The other one is CVE-2021-3493, discovered and patched more than a year ago (in April 2021).

    While there's a fix for both of these holes, the researchers say many IT administrators are yet to apply them, especially when it comes to Internet of Things (IoT) devices.

    The researchers don't yet know who the authors are, and are advising all Linux admins to keep their software up to date, install an antivirus and/or EDR on all endpoints, and make sure they back up their server files.

    Via: Ars Technica



    ======================================================================
    Link to news story: https://www.techradar.com/news/this-fearsome-new-linux-malware-will-send-a-shudder-down-the-spines-of-it-professionals/


    --- Mystic BBS v1.12 A47 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)