New Linux Crypto-miner Steals Your Root Password and Disables Your Antivirus
Saturday 24 November 2018, 08:25, by Slashdot
Malware targeting Linux users may not be as widespread as the strains targeting the Windows ecosystem, but Linux malware is becoming just as complex and multi-functional as time passes by. ZDNet reports: The latest example of this trend is a new trojan discovered this month by Russian antivirus maker Dr.Web. This new malware strain doesn't have a distinctive name, yet, being only tracked under its generic detection name of Linux.BtcMine.174. But despite the generic name, the trojan is a little bit more complex than most Linux malware, mainly because of the plethora of malicious features it includes. The trojan itself is a giant shell script of over 1,000 lines of code. This script is the first file executed on an infected Linux system. The first thing this script does is to find a folder on disk to which it has write permissions so it can copy itself and later use to download other modules. Once the trojan has a foothold on the system, it uses one of two privilege escalation exploits, CVE-2016-5195 (also known as Dirty COW) and CVE-2013-2094, to get root permissions and have full access to the OS.
Read more of this story at Slashdot.
rss.slashdot.org/~r/Slashdot/slashdot/~3/cnofmFP1m0Q/new-linux-crypto-miner-steals-your-root-passwor...