Sophisticated hackers and crooks are developing more tools to target Linux-based systems used by government and big business.
At a time when use of open-source platforms are on the rise, researchers at Kaspersky have warned that sophisticated hackers and crooks are increasingly targeting Linux-based devices - using tools specifically designed to exploit vulnerabilities in the platform.
While Windows tends to be more frequently targeted in mass malware attacks, this is not always the case when it comes to advanced persistent threats (APTs), in which an intruder often a nation-state or state-sponsored group - establishes a long-term presence on a network.
SEE:Identity theft protection policy(TechRepublic Premium)
According to Kaspersky, these attackers are increasingly diversifying their arsenals to contain Linux tools, giving them a broader reach over the systems they can target. Many organisations choose Linux for strategically important servers and systems, and with a "significant trend" towards using Linux as a desktop environment by big business as well as government bodies, attackers are in turn developing more malware for the platform.
"The trend of enhancing APT toolsets was identified by our experts many times in the past, and Linux-focused tools are no exception," said Yury Namestnikov, head of Kaspersky's global research and analysis team in Russia.
"Aiming to secure their systems, IT and security departments are using Linux more often than before. Threat actors are responding to this with the creation of sophisticated tools that are able to penetrate such systems."
According to Kaspersky, over a dozen APT actors have been observed to use Linux malware or some Linux-based modules.
Most recently, this has included the LightSpy and WellMess malware campaigns, both of which targeted both Windows and Linux devices. The LightSpy malware was also found to be capable of targeting iOS and Mac devices.
While targeted attacks on Linux-based systems are still uncommon, a suite of webshells, backdoors, rootkits and custom-made exploits are readily available to those that seek to use them.
Kaspersky also suggested that the small number of recorded attacks was not representative of the danger they posed, pointing out that the compromise of a single Linux server "often leads to significant consequences", as the malware travelled through the network to endpoints running Windows or macOS, "thus providing wider access for attackers which might go unnoticed".
Prolific Russian-speaking group Turla, for example, has significantly changed its toolset over the years, including the use of Linux backdoors. According to Kaspersky, a new modification of the Penguin x64 Linux backdoor, reported earlier in 2020, has now affected dozens of servers in Europe and the US.
SEE: Social engineering: A cheat sheet for business professionals (free PDF) (TechRepublic)
Another example is Lazarus, a Korean-speaking APT group, which continues to diversify its toolset and develop non-Windows malware. Kaspersky recently reported on the multi-platform framework called MATA and in June 2020, researchers analysed new samples linked to the AppleJeus and TangoDaiwbo campaigns, used in financial and espionage attacks. The samples studied included Linux malware.
A number of measures can be taken to mitigate the risks of Linux systems falling victim to attacks, including straightforward steps like ensuring firewalls are set up properly and unused ports are blocked, automating security updates and using a dedicated security solution with Linux protection.
Organisations should additionally maintain a list of trusted software sources and avoid using unencrypted update channels; use key-based SSH authentication and protect keys with passwords; use two-factor authentication and store sensitive keys on external token devices; and avoid running binaries and scripts from untrusted sources.
"We advise cybersecurity experts to take this trend into account and implement additional measures to protect their servers and workstations," Namestnikov said.
Strengthen your organization's IT security defenses by keeping abreast of the latest cybersecurity news, solutions, and best practices. Delivered Tuesdays and Thursdays
Link:
Linux servers and workstations are hackers' next target, security researchers warn - TechRepublic
- The best web hosting services of 2024: Expert tested and reviewed - ZDNet - December 17th, 2024
- Thank You for Helping Us Close in on Getting a Dedicated ServerWere Almost There! - Redheaded Blackbelt - December 9th, 2024
- Introducing Canada, Montreal Local IP and Data Center with Dedicated Server Hosting by TheServerHost - EIN News - July 28th, 2024
- Introducing Hong Kong Local IP and Data Center with Dedicated Server Hosting by TheServerHost - EIN News - July 28th, 2024
- Introducing Singapore Local IP and Data Center with Dedicated Server Hosting by TheServerHost - EIN News - July 28th, 2024
- Introducing Texas, Dallas, Houston Local IP and Data Center with VPS and Dedicated Server Hosting by - EIN News - July 20th, 2024
- PQ.Hosting: Leading the Way in Web Hosting with Affordable VPS and Dedicated Servers Forbes Georgia - Forbes Georgia - May 27th, 2024
- ServerWhere Kicks Off Netherlands-based 10 Gbps Dedicated Servers and Cloud IaaS - Audacy - May 8th, 2024
- Palworld might be getting dedicated Xbox servers sooner than you think - Gamesradar - March 28th, 2024
- 10 Best Dedicated Server Hosting Options in India 2024 - The New Indian Express - March 20th, 2024
- 'Probably one of the worst launches of all time': Star Wars: Battlefront Classic Collection players tear into Aspyr for bugs ... - PC Gamer - March 20th, 2024
- Palworld Dedicated Servers and how to set them up - Gamesradar - February 11th, 2024
- What are the different types of web hosting? - TechRadar - February 11th, 2024
- Xbox Working Closely With Palworld Developers to Enable Faster Updates, Dedicated Servers, and More - IGN - February 3rd, 2024
- Palworld Is Missing One Key PvP Feature That Would Make It So Much Better - Screen Rant - February 3rd, 2024
- How to host and join a dedicated server in 'Palworld' - NME - January 25th, 2024
- Palworld on Xbox Doesnt Have Dedicated Servers, Limiting Co-Op to 2-4 Players While Steam Gets Up to 32 Players - IGN - January 25th, 2024
- How To Play With Friends In Enshrouded - TheGamer - January 25th, 2024
- Palworld on Game Pass Is Different From the Steam Version - The Escapist - January 25th, 2024
- Palworld Limits Multiplayer Numbers On Xbox, Here's Why - Kotaku - January 25th, 2024
- Palworld does not support dedicated servers on Xbox and will not be seeing them anytime soon - Windows Central - January 25th, 2024
- Palworld Multiplayer and how to play with friends explained - Eurogamer.net - January 25th, 2024
- What is Dedicated Hosting? Learn about the benefits and drawbacks of this powerful web hosting solution. | by Dale ... - Medium - December 10th, 2023
- Best web hosting 2023: Our experts review the top services - TechRadar - December 10th, 2023
- How to choose the best web hosting and its importance - Arizona Big Media - December 2nd, 2023
- Introducing the ToughPigs Discord Server! - ToughPigs - December 2nd, 2023
- How Smarthub's Investment Is Taking Ad Tech To New Heights - The Drum - December 2nd, 2023
- Restaurants for New Year's Eve Dinner That Will Dazzle Your Date - Orlando Date Night Guide - December 2nd, 2023
- Who Is @BasedBeffJezos, The Leader Of The Tech Elite's 'E/Acc ... - Forbes - December 2nd, 2023
- The best things to do this weekend in San Diego: Nov. 30 to Dec. 3 - The San Diego Union-Tribune - December 2nd, 2023
- 5 Ways to Protect Customer Information for Small Businesses - Small Business Trends - December 2nd, 2023
- Remote Access Adds API to Its Feature Arsenal and Marks a Turn for ... - GlobeNewswire - November 24th, 2023
- 9 Best Cheap Web Hosting India Updated Nov 2023 - Analytics Insight - November 24th, 2023
- The Need for Modernized, AI-Ready Server and Compute ... - Spiceworks News and Insights - November 24th, 2023
- Hyve and Remarkable partner to reduce cloud downtime on Black Friday - DataCentreNews UK - November 24th, 2023
- Boost Your Online Security and Privacy: The Advantages of Socks5 ... - Analytics Insight - November 24th, 2023
- What are you thankful for this holiday season? Here are 11 Ocala ... - Ocala - November 24th, 2023
- How to Choose the Right VPN: 10 Things to Consider in {YEAR} - CyberGhost VPN - November 24th, 2023
- Save Up to 81% with InMotion Hosting's Cyber Week Sale - Yahoo Finance - November 16th, 2023
- The best things to do this weekend in San Diego: Nov. 16-19 - The San Diego Union-Tribune - November 16th, 2023
- Three Truths and a Lie: Modernization and Migrating to the Cloud - Newsweek - November 16th, 2023
- Top 10 Business Intelligence Platforms, Features, and Pricing ... - Spiceworks News and Insights - November 16th, 2023
- What you need to know about the launch of Ark: Survival Ascended - Windows Central - November 16th, 2023
- What does the Wynn Casino $1 million package include for this years Las Vegas Grand Prix? - AS USA - November 16th, 2023
- ARK: Survival Ascended Impressions - The Good, The Bad And The Ugly - MMORPG.com - November 16th, 2023
- How to Watch BBC iPlayer Outside UK in 2023 - The Tech Report - November 16th, 2023
- NordVPN Vs. Atlas VPN: Which One Is Best In 2023? - Forbes - November 16th, 2023
- Raising the Bar on FIX Protocol Support - Traders Magazine - November 16th, 2023
- What Is A Remote Access VPN? Forbes Advisor INDIA - Forbes - November 16th, 2023
- Life is sweet at this local family business - BurlingtonToday.com - November 16th, 2023
- SI-BONE to Report Third Quarter 2023 Financial Results on ... - GlobeNewswire - October 17th, 2023
- There's a Film Festival Happening in Minecraft Right Now - Decrypt - October 17th, 2023
- The fight over the future of encryption, explained - MIT Technology Review - October 17th, 2023
- Kong Named in the Leaders Quadrant of the Gartner Magic ... - Yahoo Finance - October 17th, 2023
- Microsoft to create team dedicated to data center automation and ... - DatacenterDynamics - October 17th, 2023
- A brief guide to choose the right cloud solution for your law firm - Lexology - October 17th, 2023
- How to Fix BLZ51903006 Error in World of Warcraft - PC Invasion - May 12th, 2023
- Robot food service workers on the rise in metro - Detroit Free Press - May 12th, 2023
- MySQL Database Optimisation in Simple but Effective Way - Medium - May 12th, 2023
- Function-As-A-Service Market Will Accelerate Rapidly with Excellent CAGR of 26.35% in the forecast period of 2 - openPR - May 12th, 2023
- Rising Trends of Cloud Server Hosting Market will Witness ... - Digital Journal - May 12th, 2023
- SIGMA LITHIUM AND BRAZILIAN GOVERNMENT OFFICIALS RING ... - PR Newswire - May 12th, 2023
- An Introduction to the Bun JavaScript Runtime SitePoint - SitePoint - May 12th, 2023
- Introducing Cloudzupp: The One-Stop Destination for Cloud Services and Digital Marketing Solutions - openPR - May 4th, 2023
- Scared of Leaking Data to ChatGPT? Microsoft Tests a Private ... - The Information - May 4th, 2023
- Webyne: Revolutionizing Web Hosting Services in India With ... - Deccan Herald - May 4th, 2023
- THE DISH: Special events in works for Mother's Day - The Bakersfield Californian - May 4th, 2023
- Healthcare's Recent Cybercriminal Activity Attributed to ... - MedCity News - May 4th, 2023
- AMD says new Ryzen 7040 chips beat Intel (and Apple) in thin-and-light PCs - Ars Technica - May 4th, 2023
- Tips to use the Cockpit web consoles - TechTarget - May 4th, 2023
- Bluesky: the invite-only social network disrupting the digital landscape - CyberNews.com - May 4th, 2023
- Pet Shampoo Market was valued at USD 510.58 million in 2021 and is expected to reach USD 815.02 million by 202 - openPR - May 4th, 2023
- Spotify Not Working On iPhone? Here's How To Fix It - The Mac Observer - May 4th, 2023
- What Is a Guest Network And How to Set It Up - X-bit Labs - May 4th, 2023
- How to join a Mastodon server with the official Android app - ZDNet - April 26th, 2023
- Website Hosting: A Guide to Choosing the Perfect One - Digital Journal - April 26th, 2023
- I Voyaged to the North Pole Aboard the Worlds Only Luxury Ice-Breaking Cruise Ship. Heres What It Was Like. - Robb Report - April 26th, 2023
- Volunteer and dedicated community member will be missed as he heads back to Ireland - The Eganville Leader - April 26th, 2023
- Dining Out In 2023? Here Are 40 Dos And Don'ts To Follow - BuzzFeed - April 26th, 2023
- 5g Proxies: Exploring The Future Of Mobile Internet And How You Can Benefit Today - Startup.info - April 26th, 2023