A new Linux cryptocurrency mining malware used by the Rocke group can evade detection from cloud security protocols by disabling them.

Palo Alto’s Unit 42 researchers spotted what appears to be the first malware family that can target and remove cloud security products, according to a blog post.

“Public cloud infrastructure is one of the main targets for this cybercrime group,” the post said. “Realizing the existing cloud monitor and security products may detect the possible malware intrusion, malware authors continue to create new evasion technologies to avoid being detected by cloud security product.”
