Linux Hacks & Cracks - Page 4

Discover Hacks/Cracks News

A Deep Dive into CL0P Ransomware

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

"Variants of CL0p were initially only found on Windows systems, but the gang also developed a Linux variant toward the end of 2022, reflecting the diversity of endpoint operating systems used by modern businesses. In an interesting, flawed technical glitch, security researchers noted that the Linux version’s encryption is easily reversible using a simple decryptor."

LinuxSecurity.com Team
Aug 21, 2023

New SkidMap Malware Attacking Wide Range of Linux Distributions

According to recent reports, there have been instances of threat actors using malware called “SkidMap” to exploit vulnerable Redis systems.

LinuxSecurity.com Team
Aug 08, 2023

Reptile Rootkit: Advanced Linux Malware Targeting South Korean Systems

Threat actors are using an open-source rootkit called Reptile to target Linux systems in South Korea.

LinuxSecurity.com Team
Aug 07, 2023

Hackers Deploy "SUBMARINE" Backdoor in Barracuda Email Security Gateway Attacks

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday disclosed details of a "novel persistent backdoor" called SUBMARINE deployed by threat actors in connection with the hack on Barracuda Email Security Gateway (ESG) appliances.

LinuxSecurity.com Team
Jul 29, 2023

New Reptile Rootkit Malware Attacking Linux Systems Using Port Knocking

A new kernel module rootkit malware was released recently on GitHub, dubbed Reptile. It’s an open-source rootkit that has the ability to hide itself, other malicious codes, files, directories, and network traffic.

LinuxSecurity.com Team
Jul 26, 2023

SOHO Router-Targeting Botnet AVrecon Infiltrates More Than 70,000 Devices in 20 Countries: How Dangerous Is This Malware Strain?

A stealthy Linux malware called AVrecon has been infecting over 70,000 small office/home office (SOHO) routers, creating a botnet primarily aimed at stealing bandwidth and operating as a hidden residential proxy service.

LinuxSecurity.com Team
Jul 17, 2023

Fake Linux Vulnerability Exploit Drops Data-Stealing Malware

Cybersecurity researchers and threat actors are targeted by a fake proof of concept (PoC) CVE-2023-35829 exploit that installs a Linux password-stealing malware.

LinuxSecurity.com Team
Jul 13, 2023

Fake Zero-Day PoC Exploits on GitHub Push Windows, Linux Malware

Hackers are impersonating cybersecurity researchers on Twitter and GitHub to publish fake proof-of-concept exploits for zero-day vulnerabilities that infect Windows and Linux with malware.

LinuxSecurity.com Team
Jun 14, 2023

New Fractureiser malware used CurseForge Minecraft mods to infect Windows, Linux

Hackers used the popular Minecraft modding platforms Bukkit and CurseForge to distribute a new 'Fractureiser' information-stealing malware through uploaded modifications and by injecting malicious code into existing projects.

LinuxSecurity.com Team
Jun 13, 2023

New GobRAT Remote Access Trojan Targeting Linux Routers in Japan

Linux routers in Japan are the target of a new Golang remote access trojan (RAT) called GobRAT. "Initially, the attacker targets a router whose WEBUI is open to the public, executes scripts possibly by using vulnerabilities, and finally infects the GobRAT," the JPCERT Coordination Center (JPCERT/CC) said in a report published today.

LinuxSecurity.com Team
Jun 02, 2023

New Ransomware Group Uses Repurposed LockBit, Babuk Variants

A new ransomware operation has been targeting Windows and Linux systems with a combination of payloads relying on leaked LockBit and Babuk code and custom-developed tools.

LinuxSecurity.com Team
May 29, 2023

If You Use Linux - Watch Out for This Stealthy New Malware

Experts have recently discovered an upgraded version of the BPFDoor malware for Linux(opens in new tab), that’s seemingly harder to spot - and aAs a result, no antivirus programs are still flagging the executable as malicious.

LinuxSecurity.com Team
May 15, 2023

RTM Locker Ransomware Targets Linux Architecture

A new ransomware binary targeting Linux systems has been attributed to the ransomware-as-a-service (RaaS) RTM group.

LinuxSecurity.com Team
May 02, 2023

Chinese Hackers Spotted Using Linux Variant of PingPull in Targeted Cyberattacks

The Chinese nation-state group dubbed Alloy Taurus is using a Linux variant of a backdoor called PingPull as well as a new undocumented tool codenamed Sword2033.

LinuxSecurity.com Team
Apr 28, 2023

Lazarus Hackers’ Linux Malware Linked to 3CX Supply-Chain Attack

New cyber research connects the infamous North Korea-aligned Lazarus Group behind the Linux malware attack called Operation DreamJob to the 3CX supply-chain attack.

LinuxSecurity.com Team
Apr 27, 2023

Chinese Hackers Use New Linux Malware Variants for Espionage

Hackers are deploying new Linux malware variants in cyberespionage attacks, such as a new PingPull variant and a previously undocumented backdoor tracked as 'Sword2033.'

LinuxSecurity.com Team
Apr 26, 2023

Chinese Hackers Using KEYPLUG Backdoor to Attack Windows & Linux Systems

It has been reported by the Recorded Future’s Insikt Group that RedGolf, a Chinese state-sponsored threat actor group, was using a backdoor designed especially for Windows and Linux systems called KEYPLUG to infiltrate networks.

LinuxSecurity.com Team
Apr 02, 2023

Researcher Creates Polymorphic Blackmamba Malware with ChatGPT

The ChatGPT-powered Blackmamba malware, which can operate on macOS, Windows, and Linux systems, works as a keylogger, with the ability to send stolen credentials through Microsoft Teams.

LinuxSecurity.com Team
Mar 23, 2023

New Variant of the IceFire Ransomware Targets Linux Enterprise Systems

A novel Linux version of the IceFire ransomware that exploits a vulnerability in IBM's Aspera Faspex file-sharing software has been identified by SentinelLabs, a research division of cybersecurity company Sentinel One. The exploit is for CVE-2022-47986, a recently patched Aspera Faspex vulnerability.

LinuxSecurity.com Team
Mar 12, 2023

IceFire Ransomware Now Encrypts Both Linux and Windows Systems

Threat actors linked to the IceFire ransomware operation now actively target Linux systems worldwide with a new dedicated encryptor. SentinelLabs security researchers found that the gang has breached the networks of several media and entertainment organizations around the world in recent weeks, starting mid-February, according to a report shared in advance with BleepingComputer.

LinuxSecurity.com Team
Mar 09, 2023

Linux Hacks & Cracks - Page 4

Lessons from Bootkitty: Securing Linux Systems Against UEFI Intrusions

Perfctl Unveiled: Risks, Detection, and Proactive Defense Measures

Unveiling the WolfsBane Backdoor: Gelsemium's Linux Variant of Gelsevirine