Researchers have uncovered an extremely stealthy trojan for Linux systems


3 replies to this topic

#1 NickAu


Posted 08 December 2014 - 03:59 PM

 

Researchers have uncovered an extremely stealthy trojan for Linux systems that attackers have been using to siphon sensitive data from governments and pharmaceutical companies around the world.

The previously undiscovered malware represents a missing puzzle piece tied to "Turla," a so-called advanced persistent threat (APT) disclosed in August by Kaspersky Lab and Symantec. For at least four years, the campaign targeted government institutions, embassies, military, education, research, and pharmaceutical companies in more than 45 countries. The unknown attackers—who are probably backed by a nation-state, according to Symantec—were known to have infected several hundred Windows-based computers by exploiting a variety of vulnerabilities, at least two of which were zero-day bugs. The malware was notable for its use of a rootkit that made it extremely hard to detect.

Now researchers from Moscow-based Kaspersky Lab have detected Linux-based malware used in the same campaign. Turla was already ranked as one of the top-tier APTs, in the same league as the recently disclosed Regin for instance. The discovery of the Linux component suggests it is bigger than previously thought and may presage the discovery of still more infected systems.

"The [Turla] operations are being carried out in broader environments than we previously knew," Kaspersky Lab expert Kurt Baumgartner told Ars. "All the other stuff we've seen from Turla has been Windows based. This piece of the puzzle shows us that they do not limit themselves."

Powerful, highly stealthy Linux trojan may have infected victims for years

 


#2 bmike1


Posted 08 December 2014 - 07:25 PM

Well, now that we know about it, it will be fixed!


A/V Software? I don't need A/V software. I've run Linux since '98 w/o A/V software and have never had a virus. I never even had a firewall until '01, when I began to get routers with firewalls preinstalled. With Linux, if a vulnerability is detected, a fix is quickly found, and then upon your next update the vulnerability is patched. If you must worry about viruses on a Linux system, only worry about them in the sense that you can infect a Windows user. I recommend Linux Mint or, if you need a lighter-weight operating system that fits on a CD, MX14 or AntiX.


#3 NickAu


Posted 09 December 2014 - 03:43 PM

Read more here.

Linux software nasty slithers out of online watering holes




#4 cat1092


Posted 11 December 2014 - 05:17 AM

It's been coming, and as we have always maintained, there's no such thing as being 100% secure on the Internet. Even if running from Live media, the traffic still flows through the same Internet lines. That part none of us has any control over; we can only hope that the networks themselves are secure.

 

The only way to accomplish total security is simply not to press the power button. Something that in reality is next to impossible for most of us to have the willpower for.

 

No OS is 100% immune, but at the current time, Linux is still as close to it as it gets. Now that this is in the open, the open source community (not six to seven figure "engineers") will find a fix for the issue, and it won't take until the 2nd Tuesday in January to release patches, should these become needed. More like 24 to 72 hours. 

 

The Linux Advantage is that security patches are shipped once tested & stable, and can do it at this speed due to the open source advantage, rather than the "moving through the chain" corporate one that's a day late & $100 short. That's right, if you or I have the answer to an issue, and it's tested & works, the solution is shipped in less than 24 hours. There are many dedicated bug testers, and they work just as hard, in fact harder, as those engineers previously mentioned to get the job done.

 

 

 

"Well, now that we know about it, it will be fixed!"

+1! :thumbup2:

 

No time for a 3-hour golf break during a Linux security breach. Dedicated Linux bug fixers will often work 18-20 hours per day to find a solution; the same applies to Firefox (the #1 open source browser).

 

Cat


Performing full disc images weekly and keeping important data off of the 'C' drive as generated can be the best defence against Malware/Ransomware attacks, as well as a wide range of other issues. 




