On Sept. 16, Augusto Remillano II and Jakub Urbanec discovered during a post on Trend small, a counterintelligence weblog. That they found new Linux malware. In keeping with the analysts, this malware is especially notable due to the approach it hundreds of malicious kernel modules to cover its cryptocurrency mining operations.
Linux Malware provides hackers full access to the infected machine
The analysts discovered that Skidmap masks its cryptocurrency mining by utilizing a rootkit, that could be a program that installs and executes code on a system with no sign of ending user consent or data. This makes its malware elements undetectable by the infected system’s observation tools.
Besides running a crypto-jacking campaign on the infected machine, the malware reportedly provides attackers “unfettered access” to the affected system. The analysts add:
“Skidmap also sets up a way to gain backdoor access to the machine, and also replaces the system’s pam_unix. So file with its own malicious version. This malicious file accepts a specific password for any users, thus allowing the attackers to log in as any user in the machine.”
No comments:
Post a Comment