Linux users should not assume they are safe from the ambitions and reach of reputed Russian hacking group Fancy Bear, which has been using a newly disclosed malware toolset to establish a command-and-control connection with infected Linux systems.
Called Drovorub, the toolset essentially creates a backdoor that enables file downloads and uploads, the execution of arbitrary commands as root, and the port forwarding of network traffic to additional hosts on the network, the FBI and National Security Agency warned last week in a cybersecurity advisory, news release and fact sheet. The advisory describes the malware as an “implant coupled with a kernel module rootkit,” enhanced with additional components and modules.