The FBI and NSA jointly issued an advisory on Drovorub – a newly disclosed malware program targeting Linux systems. (Jan Woitas/picture alliance via Getty Images)

Linux users should not assume they are safe from the ambitions and reach of reputed Russian hacking group Fancy Bear, which has been using a newly disclosed malware toolset to establish a command-and-control connection with infected Linux systems.

Called Drovorub, the toolset essentially creates a backdoor that enables file downloads and uploads, the execution of arbitrary commands as root, and the port forwarding of network traffic to additional hosts on the network, the FBI and National Security Agency warned last week in a cybersecurity advisory, news release and fact sheet. The advisory describes the malware as an “implant coupled with a kernel module rootkit,” enhanced with additional components and modules.

Please register to continue.

Already registered? Log in.

Once you register, you'll receive:

  • News analysis

    The context and insight you need to stay abreast of the most important developments in cybersecurity. CISO and practitioner perspectives; strategy and tactics; solutions and innovation; policy and regulation.

  • Archives

    Unlimited access to nearly 20 years of SC Media industry analysis and news-you-can-use.

  • Daily Newswire

    SC Media’s essential morning briefing for cybersecurity professionals.

  • Learning Express

    One-click access to our extensive program of virtual events, with convenient calendar reminders and ability to earn CISSP credits.