Threats to Linux systems are usually not covered in as much detail as threats in the Windows security ecosystem. This is partly because attacks on Linux are often not even detected by enterprise security mechanisms, and partly because they are not considered important enough to be widely reported by security researchers.

Of course, this does not mean that there are no serious threats to Linux systems, such as specialized malware that uses advanced techniques to evade detection and that can build on freely available open source code. According to the cyber security company Intezer, such malicious software has recently appeared. It is called HiddenWasp, and what makes it quite dangerous right now is the fact that it is not detected by any of the popular malware protection systems.

How does HiddenWasp attack Linux systems?

The first step of the malware is an initial script used to deploy the malicious software. The script uses an sftp user with a strong password and cleans the system to remove older versions of the malware if the machine was already infected.

It then downloads a file from the server that contains all the components, including the rootkit and the trojan. The script also tries to add the trojan to /etc/rc.local so that it keeps running even after the system restarts.
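The /etc/rc.local persistence step above is something a defender can audit directly. The following is an added example, not code from the original article or from Intezer: it reviews the contents of an rc.local file and flags startup commands that warrant inspection (programs launched from world-writable or hidden paths, programs outside the usual system directories, and lines appended after the final `exit 0`). The sample file content and the `/tmp/.hidden/tr` path are constructed for illustration and are not real HiddenWasp indicators.

```python
import re

# Constructed sample of an /etc/rc.local modified by a persistence mechanism of
# the kind described above. "/tmp/.hidden/tr" is a placeholder, not a real IoC.
SAMPLE_RC_LOCAL = """#!/bin/sh -e
#
# rc.local
# This script is executed at the end of each multiuser runlevel.
/usr/sbin/service ssh restart
/tmp/.hidden/tr &
exit 0
"""

# Directories where a legitimate startup command is normally expected to live.
TRUSTED_PREFIXES = ("/bin/", "/sbin/", "/usr/bin/", "/usr/sbin/", "/usr/local/")
# Locations an attacker can write to without elevated privileges.
WRITABLE_PREFIXES = ("/tmp/", "/var/tmp/", "/dev/shm/")


def suspicious_rc_local_lines(content):
    """Return (line_no, line, reason) for every command in an rc.local that
    should be reviewed. Comments and blank lines are ignored."""
    findings = []
    seen_exit = False
    for no, raw in enumerate(content.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        if seen_exit:
            # Anything after 'exit 0' is never executed by a normal rc.local;
            # its presence means the file was tampered with.
            findings.append((no, line, "command placed after 'exit 0'"))
            continue
        if re.fullmatch(r"exit\s+\d+", line):
            seen_exit = True
            continue
        prog = line.split()[0]
        if prog.startswith(WRITABLE_PREFIXES):
            findings.append((no, line, "launched from a world-writable directory"))
        elif "/." in prog:
            findings.append((no, line, "launched from a hidden path"))
        elif not prog.startswith(TRUSTED_PREFIXES):
            findings.append((no, line, "program outside trusted system paths"))
    return findings


def audit_rc_local(path="/etc/rc.local"):
    """Read a real rc.local from disk and return its findings."""
    with open(path, "r", encoding="utf-8", errors="replace") as fh:
        return suspicious_rc_local_lines(fh.read())
```

Running `suspicious_rc_local_lines(SAMPLE_RC_LOCAL)` on the constructed sample reports only the `/tmp/.hidden/tr &` line; on a live host, `audit_rc_local()` should be combined with a comparison against a known-good copy of the file.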

The rootkit included in the malware shares many similarities with the open source Azazel rootkit. It also shares strings with the ChinaZ malware, the Adore-ng rootkit and the Mirai malware. As for its capabilities, the malware can run terminal commands, execute files, download additional scripts, and more.

Security researchers, however, still do not know who is really behind the malware. They suspect that HiddenWasp works as a secondary payload, since it spreads to Linux systems that have already been infected and compromised.

For more details about the new HiddenWasp malware, you can visit Intezer's blog.