Security researchers warn that a new form of malware targets Linux servers and disable their security products in order to mine cryptocurrency.
Palo Alto Networks’ Unit 42 reveals that it came across samples of malware used by a group called Rocke to infiltrate into Linux systems and look for five different cloud security products that could block further malicious activities on the compromised hosts.
The analysis reveals that successful attacks launched by Rocke first require them to exploit vulnerabilities found in other software solutions that would allow them to deploy the malware. Flaws in Apache Struts 2, Oracle WebLogic, and Adobe ColdFusion are being used.
Once the host has been compromised, the malware downloads a script called a7 on the system and enables persistence using cronjobs.
Furthermore, it can kill all the other m… (read more)
Remember to like our facebook and our twitter @ubuntufree for a chance to win a free Ubuntu laptop by Dell or HP!
Top Trending Pages: Ubuntu Hosting | Download Ubuntu Software | Share Ubuntu Files With Windows
