Monday, July 13, 22:02 p.m.

Cloud Snooper attacks cloud servers


You may have heard it said of the Linux operating system that it is the best OS in terms of security. In general this is true, but there are some issues in the software that may affect its security.

Recently SophosLabs published a report about a new malware, called Cloud Snooper, that can compromise the security of servers running Linux or any other operating system through a kernel driver.

Attackers can now execute commands over the network using the new Cloud Snooper malware.

What is Cloud Snooper?

Cloud Snooper is a new, sophisticated piece of malware that establishes communication with the cloud computing server, bypassing the firewall.

How does it infect servers?

As you probably know, everything on the Linux operating system is a file. Malicious users take advantage of this with a Linux kernel driver file called 'snd_floppy'.

The file name was chosen to resemble other Linux driver programs that start with "snd" such as snd_pcm, snd_hda_intel, snd_hda_codec and snd_timer.

In order to spy on the server, the attacker uses a signaling method in which a hidden command is added to normal network traffic to trigger malicious actions.

The command travels as secret data, which the snd_floppy driver extracts from the network traffic. The intruder uses the 16-bit TCP source port to send the command, bypassing inspection by the firewall.

How to protect the server from Cloud Snooper?

The first thing you can do is modify the current firewall rules to detect and block packets from an illegitimate source port.

If the firewall still does not stop an infected file from getting in, you can add another layer of protection to prevent it from running. You can use any tool that can monitor and delete dangerous kernel drivers or other unwanted programs from your server.
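One way to run the kernel-driver check described above, as an added example that is not part of the original article: it flags a loaded module named snd_floppy, modules with no file in the kernel module tree, and modules the kernel marks as out-of-tree or unsigned. The sample data is constructed and the function names are illustrative; /proc/modules and /lib/modules/<release>/modules.dep are the standard Linux locations for the real inputs.

```python
import re

# Driver name the article reports for Cloud Snooper.
REPORTED_NAMES = {"snd_floppy"}
# Constructed sample in /proc/modules format: name size refs deps state addr [taint]
SAMPLE_PROC_MODULES = """\
snd_pcm 106496 2 snd_hda_intel,snd_hda_codec, Live 0xffffffffc0a3d000
snd_timer 36864 1 snd_pcm, Live 0xffffffffc0a2f000
snd_floppy 20480 0 - Live 0xffffffffc0b11000 (OE)
"""
# Constructed sample in modules.dep format: "<path>: <dependencies>"
SAMPLE_MODULES_DEP = """\
kernel/sound/core/snd-pcm.ko.xz: kernel/sound/core/snd-timer.ko.xz
kernel/sound/core/snd-timer.ko.xz:
"""

def indexed_modules(modules_dep_text):
    """Names of modules indexed by depmod ('-' in file names becomes '_')."""
    names = set()
    for line in modules_dep_text.splitlines():
        path = line.split(":", 1)[0].strip()
        match = re.search(r"([^/]+)\.ko(\.(gz|xz|zst))?$", path)
        if match:
            names.add(match.group(1).replace("-", "_"))
    return names

def audit_modules(proc_modules_text, modules_dep_text):
    """Return {module name: [reasons]} for loaded modules worth investigating."""
    indexed = indexed_modules(modules_dep_text)
    findings = {}
    for line in proc_modules_text.splitlines():
        fields = line.split()
        if len(fields) < 6:
            continue  # not a /proc/modules record
        name, taint = fields[0], "".join(fields[6:])
        reasons = []
        if name in REPORTED_NAMES:
            reasons.append("name reported for Cloud Snooper")
        if name not in indexed:
            reasons.append("no file in the kernel module tree")
        if "O" in taint or "E" in taint:
            reasons.append("kernel taint: out-of-tree or unsigned")
        if reasons:
            findings[name] = reasons
    return findings

if __name__ == "__main__":
    # On a live host, pass the contents of the two real files instead.
    for name, reasons in audit_modules(SAMPLE_PROC_MODULES, SAMPLE_MODULES_DEP).items():
        print(f"{name}: {'; '.join(reasons)}")
```

A clean result only covers modules the kernel itself lists, so it complements rather than replaces the firewall rule above.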

You can also add two-factor authentication as an additional level of security.


Absent Mia