Dangerous new malware targets unpatched Linux machines
Patches to vulnerabilities it exploits are already available
Security researchers report on a new malware that targets poorly configured machines to tie them into a botnet, which can then be used for nefarious purposes.
According to a report from Check Point Research (CPR), the malware variant, named FreakOut, specifically targets Linux devices that run unpatched versions of certain software.
The group writes that it encountered several instances of these attacks, which it labels as “ongoing”.
Exploits patched flaws
According to CPR, FreakOut first targets Linux devices with specific products that have not been patched against some known flaws.
These include a remote command execution (RCE) flaw in the TerraMaster Operating System that powers TerraMaster NAS devices, a deserialization glitch in the Zend PHP Framework, and a deserialization of untrusted data issue in the Liferay Portal content management system.
Developers of all these products have released patches to close off the vulnerabilities. However, the malware is scanning the Internet for machines that are still running unpatched versions of this software, which it then exploits to gain access to the underlying Linux host.
“If successfully exploited, each device infected by the FreakOut malware can be used as a remote-controlled attack platform by the threat actors behind the attack, enabling them to target other vulnerable devices to expand their network of infected machines,” warn the researchers.
CPR found that each infected device is configured to communicate with a command and control (C&C) server that was created in late November 2020 and has been running ever since. Upon further investigation they found evidence of 186 exploited devices that were communicating with the server.
Applying already available security patches is all that’s required to mitigate the attack. “Such attack campaigns highlight the importance of taking sufficient precautions and updating your security protections on a regular basis,” conclude the researchers.
Via: BleepingComputer
With almost two decades of writing and reporting on Linux, Mayank Sharma would like everyone to think he’s TechRadar Pro’s expert on the topic. Of course, he’s just as interested in other computing topics, particularly cybersecurity, cloud, containers, and coding.