[PLUG] Serious linux malware

King Beowulf kingbeowulf at gmail.com
Wed Aug 19 02:28:13 UTC 2020


On 8/14/20 5:33 AM, Rich Shepard wrote:
> As a computer user and a non-professional I'd like your thoughts on this
> Ars Technica article, "NSA and FBI warn that new Linux malware threatens
> national security."
> 
> <https://arstechnica.com/information-technology/2020/08/nsa-and-fbi-warn-that-new-linux-malware-threatens-national-security/>
> 
> 
> Rich
> 

The media hype on this is hysterical...because RUSSIA!

There have been numerous toolkits over the years with similar
functionality (rootkit + botnet + spyware etc), so I'm not surprised a
government spy agency cleans it up.  Heck, UK probably has the same
thing called "007" or similar and USA's some sort of unpronounceable
acronym...

From what I can tell, it is unlikely for this to be an issue without
local root privileges since it is MALWARE and not an EXPLOIT:

1. needs local access to computer OR
2. trick user into installing the software via email or compromised
download (gee, does that STILL happen?) OR
3. piggyback on existing remote access exploit to gain root access
(privilege escalation).

Thus, the same rules apply to keeping this off your systems and servers
as they have for decades: don't click random links, don't download random
executable files, etc.

-Ed
