Two threat analysts recently stumbled upon new Linux malware that keeps its cryptocurrency mining operations hidden.
On Sept. 16, Augusto Remillano II and Jakub Urbanec revealed in a post on Trend Micro's security intelligence blog that they had found new Linux malware. According to the analysts, this malware is especially notable because of the way it loads malicious kernel modules to hide its cryptocurrency mining operations.
Linux Malware provides hackers full access to infected machine
The analysts discovered that Skidmap masks its cryptocurrency mining by using a rootkit, which is a program that installs and executes code on a system without the end user's consent or knowledge. This makes its malware components undetectable by the infected system's monitoring tools.
Besides running a cryptojacking campaign on the infected machine, the malware reportedly provides attackers “unfettered access” to the affected system. The analysts add:
“Skidmap also sets up a way to gain backdoor access to the machine, and also replaces the system’s pam_unix.so file with its own malicious version. This malicious file accepts a specific password for any users, thus allowing the attackers to log in as any user in the machine.”
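A defender's check for the pam_unix.so replacement described above, as an added example that is not from the original article or from the analysts: it walks a filesystem mounted offline (the rootkit hides components from tools on the infected system) and compares every pam_unix.so against SHA-256 digests taken from the distribution's own package. The function names, directory layout and sample files are constructed assumptions.

```python
import hashlib
import os
import tempfile


def sha256_file(path):
    """Hash a file in chunks so large modules do not need to fit in memory."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()


def audit_pam_unix(root, known_good):
    """Return (path, digest, ok) for each pam_unix.so under an offline-mounted root.

    known_good is a set of SHA-256 hex digests from the vendor package.
    Symlinks are reported as failures and never followed, because an absolute
    link inside a mounted image would resolve on the analysis host instead.
    """
    findings = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            if name != "pam_unix.so":
                continue
            path = os.path.join(dirpath, name)
            if os.path.islink(path):
                findings.append((path, None, False))
                continue
            digest = sha256_file(path)
            findings.append((path, digest, digest in known_good))
    return findings


def demo():
    """Constructed sample: hostA holds the packaged bytes, hostB a modified copy."""
    clean = b"constructed stand-in for the packaged module"
    good = {hashlib.sha256(clean).hexdigest()}
    with tempfile.TemporaryDirectory() as root:
        for sub, data in (("hostA/lib/security", clean),
                          ("hostB/lib/security", clean + b"!")):
            os.makedirs(os.path.join(root, sub))
            with open(os.path.join(root, sub, "pam_unix.so"), "wb") as f:
                f.write(data)
        return sorted((os.path.relpath(p, root), ok)
                      for p, _d, ok in audit_pam_unix(root, good))


if __name__ == "__main__":
    for row in demo():
        print(row)
```

Run it from trusted media against the mounted disk image, with the digest set taken from a package downloaded on a clean machine.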
Cryptojacking campaigns up by 29%
Cryptojacking is an industry term for stealth crypto mining attacks that work by installing malware or otherwise gaining access to a computer's processing power to mine for cryptocurrencies without the owner's consent or knowledge.
In August, cybersecurity company McAfee Labs released a threat report, in which it noted a rise in cryptojacking campaigns and ransomware attacks in Q1 2019. According to the report, cryptojacking has been on the rise, with a 29% increase in cryptojacking campaigns.