Express Computer
Home  »  News  »  Hackers prey on devices running open-source Linux OS

Hackers prey on devices running open-source Linux OS

0 422

As organisations opt to use open-source operating systems worldwide, cybersecurity researchers have warned that more and more threat actors are now executing targeted attacks against Linux-based devices while developing more Linux-focused tools.

Over the past eight years, over a dozen advanced persistent threat (APT) actors have been observed to use Linux malware or some Linux-based modules, according to cybersecurity firm Kaspersky.

Many organisations choose Linux for strategically important servers and systems, not least because this operating system is thought to be safer and less prone to cyberthreats than the far more popular Windows operating system.

There is a significant trend in many countries towards using Linux as a desktop environment by big enterprise companies, as well as in governmental entities, that pushes threat actors to develop malware for this platform.

The APT actors targeting Linux include infamous threat groups as Barium, Sofacy, the Lamberts, and Equation, as well as more recent campaigns such as, LightSpy by TwoSail Junk and WellMess,” Kaspersky said in a statement.

“Diversification of their arsenal with Linux tools enables threat actors to conduct operations more effectively and with wider reach”.

The myth that Linux, being a less popular operating system, is unlikely to be targeted by malware, invites additional cybersecurity risks.

“The trend of enhancing APT toolsets was identified by our experts many times in the past, and Linux-focused tools are no exception. Aiming to secure their systems, IT and security departments are using Linux more often than before,” said Yury Namestnikov, head of Kaspersky’s Global Research and Analysis Team (GReAT) in Russia.

“Threat actors are responding to this with the creation of sophisticated tools that are able to penetrate such systems,” he added.

While targeted attacks on Linux-based systems are still uncommon, there is certainly malware designed for them – including webshells, backdoors, rootkits and even custom-made exploits.

Moreover, the small number of attacks is misleading as the successful compromise of a server running Linux often leads to significant consequences.

“These include attackers not only being able to access the infected device, but also endpoints running Windows or macOS, thus providing wider access for attackers which might go unnoticed,” Kaspersky said.

Lazarus, a Korean-speaking APT group, continues to diversify its toolset and develop non-Windows malware.

“We advise cybersecurity experts to take this trend into account and implement additional measures to protect their servers and workstations,” Namestnikov suggested.

–IANS

Get real time updates directly on you device, subscribe now.

Leave A Reply

Your email address will not be published.

LIVE Webinar

Digitize your HR practice with extensions to success factors

Join us for a virtual meeting on how organizations can use these extensions to not just provide a better experience to its’ employees, but also to significantly improve the efficiency of the HR processes
REGISTER NOW 

Stay updated with News, Trending Stories & Conferences with Express Computer
Follow us on Linkedin
India's Leading e-Governance Summit is here!!! Attend and Know more.
Register Now!
close-image
Attend Webinar & Enhance Your Organisation's Digital Experience.
Register Now
close-image
Enable A Truly Seamless & Secure Workplace.
Register Now
close-image
Attend Inida's Largest BFSI Technology Conclave!
Register Now
close-image
Know how to protect your company in digital era.
Register Now
close-image
Protect Your Critical Assets From Well-Organized Hackers
Register Now
close-image
Find Solutions to Maintain Productivity
Register Now
close-image
Live Webinar : Improve customer experience with Voice Bots
Register Now
close-image
Live Event: Technology Day- Kerala, E- Governance Champions Awards
Register Now
close-image
Virtual Conference : Learn to Automate complex Business Processes
Register Now
close-image