MacMusic  |  PcMusic  |  440 Software  |  440 Forums  |  440TV  |  Zicos
linux
Search

New Linux Crypto-miner Steals Your Root Password and Disables Your Antivirus

Saturday November 24, 2018. 08:25 AM , from Slashdot
Malware targeting Linux users may not be as widespread as the strains targeting the Windows ecosystem, but Linux malware is becoming just as complex and multi-functional as time passes by. ZDNet reports: The latest example of this trend is a new trojan discovered this month by Russian antivirus maker Dr.Web. This new malware strain doesn't have a distinctive name, yet, being only tracked under its generic detection name of Linux.BtcMine.174. But despite the generic name, the trojan is a little bit more complex than most Linux malware, mainly because of the plethora of malicious features it includes. The trojan itself is a giant shell script of over 1,000 lines of code. This script is the first file executed on an infected Linux system. The first thing this script does is to find a folder on disk to which it has write permissions so it can copy itself and later use to download other modules. Once the trojan has a foothold on the system it uses one of two privilege escalation exploits CVE-2016-5195 (also known as Dirty COW) and CVE-2013-2094 to get root permissions and have full access to the OS.

Read more of this story at Slashdot.
rss.slashdot.org/~r/Slashdot/slashdot/~3/cnofmFP1m0Q/new-linux-crypto-miner-steals-your-root-passwor...
News copyright owned by their original publishers | Copyright © 2004 - 2024 Zicos / 440Network
Current Date
Nov, Sun 24 - 20:14 CET