News: Malware: Group Targeting Embassies Adds ‘Drovorub’ Campaign

Advisories

Discover Hacks/Cracks News

Malware: Group Targeting Embassies Adds ‘Drovorub’ Campaign

Malware: Group Targeting Embassies Adds ‘Drovorub’ Campaign

Russian digital espionage group Fancy Bear has incorporated a new Linux-based malware dubbed “Drovorub” into their attack campaigns, according to the National Security Agency (NSA) and the FBI.

 

In their joint advisory last year, the NSA and FBI explained the Linux-based malware — dubbed “Drovorub” by researchers — consists of three different components: a kernel module rootkit, a file transfer and port forwarding kit and a command-and-control (C&C) tool.

They found that these traits made it possible for Fancy Bear, also known as “APT28” and “Strontium,” to download and upload files, execute arbitrary commands as root and port forward network traffic on other hosts.

Please enable / Bitte aktiviere JavaScript!
Veuillez activer / Por favor activa el Javascript![ ? ]

We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.