1. Forum
  2. tqwNet
  3. TQW_GENTECH

  • Hackers could turn Windows Subsystem for Linux into a secret weap

    From TechnologyDaily@1337:1/100 to All on Mon May 30 12:45:04 2022
    Hackers could turn Windows Subsystem for Linux into a secret weapon

    Date:
    Mon, 30 May 2022 11:23:04 +0000

    Description:
    The number of malware strains targeting WSL is growing fast, and they're
    quite difficult to spot.

    FULL STORY ======================================================================

    Windows Subsystem for Linux (WSL) is becoming a breeding ground for malware , cybersecurity researchers are saying.

    While WSL-based malware is not particularly new (spotted as early as
    September 2021), its been rising in popularity among cybercriminals of late. Speaking to BleepingComputer , cybersecurity researchers from Lumen Technologies said theyve managed to track more than 100 samples since then.

    The samples vary in complexity, as well as features on offer. While some are relatively simple, others enable threat actors to remotely access devices,
    run arbitrary code, steal authentication cookies from specific browsers , or download files.

    Share your thoughts on Cybersecurity and get a free copy of the Hacker's Manual 2022 . Help us find how businesses are preparing for the post-Covid world and the implications of these activities on their cybersecurity plans. Enter your email at the end of this survey to get the bookazine, worth $10.99/10.99. Low detection rates

    Some variants are designed as stage-one malware, allowing threat actors to take screenshots and obtain system information, which help them determine the next steps in compromise, the researchers further stated. Others are built as pure espionage tools.

    The worst part is that these malware variants are relatively difficult to spot, even though theyre usually based on code thats available to the general public. In fact, Lumen Technologies Black Lotus Labs recently discovered that out of 57 antivirus solutions put to the test, only two flagged these
    variants as malicious. Read more

    Windows 11 users can now install WSL from the Microsoft Store


    Windows 11 takes a big step forward with full release of Windows Subsystem
    for Linux app


    Windows 11 WSL 2 is almost as quick as running Linux natively

    All of these things - more features, persistence, low detection rates - make WSL-based malware a real threat, the researchers concluded, especially with active C2 server infrastructure in place.

    Those interested in keeping safe from WSL-based malware, BleepingComputer emphasized, need to closely monitor system activity (SysMon, for example),
    and look for suspicious happenings.

    WSL was first showcased in 2016, together with the Windows 10 Anniversary Update. It was described as a new way to access GNU and Linux tools, without the need for two separate operating systems. While at first it didnt provide full access to the Linux kernel, this was made possible in mid-2019, when WSL 2 was released. These are the best ransomware protection services today

    Via BleepingComputer



    ======================================================================
    Link to news story: https://www.techradar.com/news/hackers-could-turn-windows-subsystem-for-linux- into-a-secret-weapon/


    --- Mystic BBS v1.12 A47 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)