Alerts This Week
Warning Icon 1 1,154
Alerts This Week
Warning Icon 1 1,154

Fancy Bear Targets Embassies With Drovorub Linux Malware Campaign

11.Locks IsometricPattern Esm H446

Russian digital espionage group Fancy Bear has incorporated a new Linux-based malware dubbed “Drovorub” into their attack campaigns, according to the National Security Agency (NSA) and the FBI.

 

In their joint advisory last year, the NSA and FBI explained the Linux-based malware — dubbed “Drovorub” by researchers — consists of three different components: a kernel module rootkit, a file transfer and port forwarding kit and a command-and-control (C&C) tool.

They found that these traits made it possible for Fancy Bear, also known as “APT28” and “Strontium,” to download and upload files, execute arbitrary commands as root and port forward network traffic on other hosts.

Your message here