HiddenWasp: new malware takes remote control of Linux

by | May 31, 2019

ETIQUETAS: Hot news | Linux-en | Open source | Security

The cybersecurity company Intezer has discovered a new malware targeting Linux systems. HiddenWasp is a Trojan that allows cybercriminals to take remote control of infected machines. At the moment, the most popular malware protection systems are not able to detect this threat.

HiddenWasp executes an initial script to implement the malware. The hidden script uses a user called ‘sftp’ and cleans the system to remove previous versions of malware in case the device is already infected.

Then, it downloads a storage file from the server containing all the components, including the rootkit and the Trojan. The script adds the Trojan to /etc/rc.local so that it works even after the user reboots the system.

Once installed, the attacker can take remote control of the infected terminal and execute code, upload files, download more scripts… According to their analysis, the researchers explained that this malware is spread in systems which are previously controlled by hackers, so it would be used as a secondary load.

The HiddenWasp developers have taken advantage of Open Source multi-malware code, such as Mirai and the Azazel rootkit. It resembles different families of threats from China, but its authorship and origin are still unclear.

You will find more information and a technical analysis of this malware at Intezer Blog.

SHARE

0 Comments

Submit a Comment

Your email address will not be published. Required fields are marked *

Recent posts

VDI: The most secure environment for hybrid working

Today is Data Privacy Day. The purpose of this date is to raise awareness and promote privacy and data protection best practices. It was initiated by the European Commission, the Council of Europe, and the Data Protection authorities of the European Union’s member states. Their main goal was to drive attention to the importance of privacy, user data protection, and compliance of the General Data Protection Regulation (RGPD). It is a regulation characterized by significant fines for non-compliance since its implementation in 2018.

How to avoid issues with virtual machines

Virtualization comes with a wide range of benefits for organizations. It helps cut IT costs and reduces downtime while increasing efficiency and productivity. It also increases the resiliency of networks, primarily when disasters occur, and promotes more green-friendly operations.

However, using virtual machines also comes with a set of downsides. Information security may get compromised, workloads mixed up, separation duties lost, among other issues. It is vital to know how you can get over these problems, and that’s what this article will discuss.

Let’s get started.

Archives

Stay up to date with all the news from UDS ENTERPRISE through our social networks. Follow us!

Skip to content