When the Linux Environment Comes Under Cyberattack


Linux-based machines are no longer a major obstacle for cybercriminal groups that target the operating system. From web shells, backdoors and rootkits to custom-made exploits, launching attacks on Linux-based workstations has become seemingly easy in the last few years.

Case in point  


Researchers have pointed out that several cyber gangs have started targeting Linux machines via a fileless malware installation technique that was more commonly used against Windows-based systems.
One of the gangs at the forefront is TeamTNT, which uses the new Ezuri downloader to decrypt, install and execute a final malware payload from memory, without ever writing it to disk.

Even ransomware attackers are shifting to Linux


According to LinuxSecurity, Linux is becoming an increasingly popular target among ransomware attackers due to its use across various critical devices.
One recently observed ransomware strain is a variant of RansomEXX that has been designed only to target Linux systems.
Once deployed, the variant generates a 256-bit key and uses it to encrypt all the files belonging to the targeted victim.

What else?


Last month, researchers uncovered a new cryptomining botnet called PGMiner targeting Linux-based servers that support PostgreSQL databases.
The botnet was used to illegally mine Monero cryptocurrency from targeted systems.
Apart from this, last year also saw several other Linux-based botnets, such as a variant of the Stantinko botnet and InterPlanetary Storm, attempting to mine cryptocurrencies and deliver malware.

Final words


Linux systems are seeing a noticeable increase in cy ..
