Compliance Management, Threat Management, Malware, Privacy, Security Strategy, Plan, Budget

Linux.Proxy.10 infects thousands of devices with standard settings

Dr. Web researchers spotted a Linux trojan, dubbed Linux.Proxy.10 that has been used to infect thousands of Linux devices.

The trojan infiltrates computers and devices that etiher have standard settings or are already infected by a  Linux malware and is  distributed by the threat actor logging into the vulnerable devices via the SSH protocol, according to a Jan. 24 blog post.

Researchers said the malware is designed to run a SOCKS5 proxy server on the infected device on the basis of the freeware source code of the Satanic Socks Serve, contains BackDoor.Teamviewer spyware, and allows the cybercriminals to remain anonymous online.

To prevent infection, Linux admins are instructed to ensure to remotely scan their devices on a daily basis, change security settings from standard to advance, monitor new logins, encrypt data communication, use Linux security extensions, lock user accounts after login failures, disable root login, and configure logging and auditing to collect all hacking attempts.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.