Tuesday, December 3, 2024

Gruesome Malware Targeting Linux Computers

A new family of malware has appeared that attacks systems running Linux. The malware lurks in legitimate-looking Linux utilities and provides hackers with backdoors for easy access to user data. It differs from other malicious programs in its stealth and in how difficult it is to remove.

According to researchers from the network security company Eset, the “FontOnLake” malware is appearing more and more regularly on Linux machines. It was first detected on VirusTotal in May 2020, but the command and control servers connected to this malware were down.

However, analysis of the detected samples allowed the researchers to determine that FontOnLake contained remote access features and data stealing tools, and could initialize proxy servers. The Eset researchers also believe that the malware operators are too cautious to be caught, as almost all samples obtained use different server addresses.

Modified Linux Utilities

Eset says that the malware is transmitted with modified Linux utilities that contain Trojans. “All modified files are standard Linux utilities and serve as a persistence method, as they typically run at system startup,” says Vladislav Hrčka, reverse engineering and malware analyst at Eset. The researchers add that the hackers modified the source code of legitimate utilities to incorporate malicious code. However, specialists are still looking for the distribution methods used to convince users to install these tainted versions.

This malware installs backdoors on infected machines and allows hackers to collect a large amount of data. Researchers have also detected rootkits in the malware, allowing it to act very discreetly while being difficult to dislodge. These rootkits also allow it to update. According to Avast, the rootkit is based on the open source Suterusu project.
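Because the modified files are standard utilities, one defensive check is to compare each installed binary against the checksum the package manager recorded for it. The sketch below is an added example, not code from Eset or Avast: it parses a dpkg-style `md5sums` manifest and checks a root directory against it. The file names and contents are constructed samples, and it assumes the manifest comes from a trusted copy and the disk is inspected from clean boot media, since a rootkit can hide changes from tools run on the infected system.

```python
import hashlib
import os
import tempfile

def parse_md5sums(text):
    """Parse dpkg-style manifest lines: '<md5hex>  <path relative to />'."""
    entries = {}
    for line in text.splitlines():
        parts = line.split(None, 1)
        if len(parts) == 2 and len(parts[0]) == 32:
            entries[parts[1].strip()] = parts[0].lower()
    return entries

def file_md5(path):
    """Hash a file in chunks (MD5 because that is what dpkg manifests record)."""
    h = hashlib.md5()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()

def verify_root(root, manifest_text):
    """Return {relative_path: 'modified' | 'missing'} for files that differ."""
    findings = {}
    for rel, expected in parse_md5sums(manifest_text).items():
        full = os.path.join(root, rel)
        if not os.path.isfile(full):
            findings[rel] = "missing"
        elif file_md5(full) != expected:
            findings[rel] = "modified"
    return findings

def demo():
    """Constructed sample: a fake root where one utility changed after packaging."""
    with tempfile.TemporaryDirectory() as root:
        os.makedirs(os.path.join(root, "usr/bin"))
        clean = {"usr/bin/ls": b"original ls build", "usr/bin/cat": b"original cat build"}
        for rel, data in clean.items():
            with open(os.path.join(root, rel), "wb") as f:
                f.write(data)
        manifest = "".join(f"{hashlib.md5(d).hexdigest()}  {r}\n" for r, d in clean.items())
        manifest += "0" * 32 + "  usr/bin/top\n"  # listed in the manifest but absent on disk
        with open(os.path.join(root, "usr/bin/cat"), "wb") as f:
            f.write(b"original cat build + extra code")  # simulate a tampered binary
        return verify_root(root, manifest)

if __name__ == "__main__":
    print(demo())
```

On Debian-based systems the real manifests live under `/var/lib/dpkg/info/` as `<package>.md5sums`; pass the mount point of the inspected disk as `root`.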

Unfortunately, this is not the first malware of its kind to hit Linux devices. Last August, Avast alerted users to the “HCRootkit” malware, which used the same Suterusu rootkit. As always in these types of circumstances, it is important to remember that most hacks are caused by user negligence. Therefore, never install software or utilities from sources whose authenticity you cannot guarantee.

Ebenezer Robbins