10/31/2022 Ell accommodations

Security researchers have discovered a rare piece of Linux spyware that’s currently fully undetected across all major antivirus security software products, and includes rarely seen functionalities with regards to most Linux malware, The Hacker News learned.

It’s a known fact that very few strains of Linux malware exist in the wild compared to Windows viruses, because of Linux’s core architecture and its low market share, and many of them don’t even have a wide range of functionalities.

In recent years, even after the disclosure of severe critical vulnerabilities in various flavors of Linux operating systems and software, cybercriminals failed to leverage most of them in their attacks.

Instead, much of the malware targeting the Linux ecosystem is primarily focused on cryptocurrency mining attacks for financial gain and on creating DDoS botnets by hijacking vulnerable servers.

However, researchers at security firm Intezer Labs recently discovered a new Linux backdoor implant that appears to be in a development and testing phase but already includes several malicious modules to spy on Linux desktop users.

Dubbed EvilGnome, the malware has been designed to take desktop screenshots, steal files, capture audio recordings from the user’s microphone, as well as download and execute further second-stage malicious modules.

According to a new report Intezer Labs shared with The Hacker News prior to its release, the sample of EvilGnome it discovered on VirusTotal also contains unfinished keylogger functionality, which indicates that it was uploaded online mistakenly by its developer.

The EvilGnome malware masquerades as a legitimate GNOME extension, a program that lets Linux users extend the functionality of their desktops.

According to the researchers, the implant is delivered in the form of a self-extracting archive shell script created with ‘makeself,’ a small shell script that generates a self-extractable compressed tar archive from a directory.

The Linux implant also gains persistence on a targeted system using crontab, similar to Windows Task Scheduler, and sends stolen user data to a remote attacker-controlled server.

“Persistence is achieved by registering gnome-shell-ext.sh to run every minute in crontab. Finally, the script executes gnome-shell-ext.sh, which in turn launches the main executable gnome-shell-ext,” the researchers said.
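
A defender's check for the crontab persistence described above, as an added example that is not from the Intezer report or the article: it flags user-crontab entries that reference gnome-shell-ext.sh or that run something from a hidden directory every minute. The hidden-directory heuristic, the function names and the sample paths are assumptions constructed for this example.

```python
import re

# File name reported in the article; everything else here is an assumption.
KNOWN_SCRIPT = "gnome-shell-ext.sh"
ENV_LINE = re.compile(r"^[A-Za-z_][A-Za-z0-9_]*\s*=")
HIDDEN_DIR = re.compile(r"(^|/)\.[^./\s][^/\s]*/")  # e.g. /home/u/.cache/

def every_minute(fields):
    """True when the five schedule fields fire every minute of every day."""
    minute, hour, dom, month, dow = fields
    return (minute in ("*", "*/1", "0-59") and hour in ("*", "*/1", "0-23")
            and (dom, month, dow) == ("*", "*", "*"))

def audit_crontab(text):
    """Return (line_no, reasons, entry) for user-crontab lines worth review."""
    findings = []
    for no, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        # Skip blanks, comments, VAR=value lines and @reboot-style shortcuts.
        if not line or line[0] in "#@" or ENV_LINE.match(line):
            continue
        fields = line.split(None, 5)
        if len(fields) < 6:
            continue  # malformed entry: no command after the schedule
        command = fields[5]
        reasons = []
        if KNOWN_SCRIPT in command:
            reasons.append("known-script-name")
        if every_minute(fields[:5]) and HIDDEN_DIR.search(command):
            reasons.append("every-minute-from-hidden-dir")
        if reasons:
            findings.append((no, reasons, line))
    return findings

# Constructed sample crontab; all paths are made up for this example.
SAMPLE = """\
# m h dom mon dow command
MAILTO=""
0 3 * * * /usr/local/bin/backup.sh
* * * * * /home/alice/.cache/example-dir/gnome-shell-ext.sh
*/1 * * * * /home/alice/.local/share/updater/run.sh >/dev/null 2>&1
* * * * * /usr/bin/flock -n /tmp/hb.lock /opt/monitor/heartbeat
@reboot /usr/bin/true
"""

if __name__ == "__main__":
    for no, reasons, entry in audit_crontab(SAMPLE):
        print(f"line {no}: {', '.join(reasons)}: {entry}")
```

Feed it the output of `crontab -l` for each user account; a hit is a lead for review, since legitimate jobs can also run every minute.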