Hacks/Cracks - Page 6 - Results from #100

Discover Hacks/Cracks News

New Ultra-Stealthy Linux Backdoor Isn’t Your Everyday Malware Discovery

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Researchers have unearthed a discovery that doesn’t occur all that often in the realm of malware: a mature, never-before-seen Linux backdoor that uses novel evasion techniques to conceal its presence on infected servers, in some cases even with a forensic investigation.

LinuxSecurity.com Team
Jun 11, 2022

20.Lock AbstractDigital Circular Esm H200

New Linux-Based Ransomware Targets VMware Servers

Security researchers have discovered some new Linux-based ransomware that's being used to attack VMware ESXi servers, a bare-metal hypervisor for creating and running several virtual machines (VMs) that share the same hard drive storage. Called Cheerscrypt, the bad app is following in the footsteps of other ransomware programs—such as LockBit, Hive and RansomEXX—that have found ESXi an efficient way to infect many computers at once with malicious payloads.

LinuxSecurity.com Team
Jun 09, 2022

New Linux Malware Symbiote is "Nearly Impossible to Detect"

A group of cybersecurity researchers from BlackBerry and Intezer discovered a new Linux malware that, according to the companies, would be “nearly impossible to detect.”

LinuxSecurity.com Team
Jun 09, 2022

Linux version of Black Basta ransomware targets VMware ESXi servers

Black Basta is the latest ransomware gang to add support for encrypting VMware ESXi virtual machines (VMs) running on enterprise Linux servers.

LinuxSecurity.com Team
Jun 09, 2022

XorDdos malware is targeting Linux and putting millions of devices at risk

Linux systems are becoming prime targets for the XorDdos malware, a new report claims.

LinuxSecurity.com Team
Jun 01, 2022

Hackers Could Turn Windows Subsystem for Linux into a Secret Weapon

The number of malware strains targeting WSL is growing.

LinuxSecurity.com Team
Jun 01, 2022

EnemyBot Linux Botnet Now Exploits Web Server, Android and CMS Vulnerabilities

A nascent Linux-based botnet named Enemybot has expanded its capabilities to include recently disclosed security vulnerabilities in its arsenal to target web servers, Android devices, and content management systems (CMS).

LinuxSecurity.com Team
Jun 01, 2022

New ‘Cheers’ Linux ransomware targets VMware ESXi servers

A new ransomware named ‘Cheers’ has appeared in the cybercrime space and has started its operations by targeting vulnerable VMware ESXi servers.

LinuxSecurity.com Team
May 26, 2022

Malicious PyPI package opens backdoors on Windows, Linux, and Macs

Yet another malicious Python package has been spotted in the PyPI registry performing supply chain attacks to drop Cobalt Strike beacons and backdoors on Windows, Linux, and macOS systems.

LinuxSecurity.com Team
May 24, 2022

Microsoft: This botnet is growing fast and hunting for servers with weak passwords

Protect your Linux servers from XorDdos, a botnet scanning the internet for SSH servers with weak passwords, Microsoft warns.

LinuxSecurity.com Team
May 23, 2022

BPFdoor: Stealthy Linux malware bypasses firewalls for remote access

A recently discovered backdoor malware called BPFdoor has been stealthily targeting Linux and Solaris systems without being noticed for more than five years.

LinuxSecurity.com Team
May 16, 2022

BPFDoor: Chinese tool almost undetected for FIVE years is second BPF-based attack uncovered this year

Researchers have uncovered a highly-evasive Chinese surveillance tool using the Berkeley Packet Filter (BPF). The malware, dubbed BPFDoor, is present on “thousands” of Linux systems, its controller has gone almost completely unnoticed by endpoint protection vendors despite it being in use for at least five years.

LinuxSecurity.com Team
May 10, 2022

Hive ransomware ports its Linux VMware ESXi encryptor to Rust

The Hive ransomware operation has converted their VMware ESXi Linux encryptor to the Rust programming language and added new features to make it harder for security researchers to snoop on victim's ransom negotiations.

LinuxSecurity.com Team
Mar 30, 2022

Linux botnet abuses log4j to attack Arm, x86-based devices

A new Linux botnet, B1txor20, that targets Arm and 64-bit x86 systems shows log4j isn't going away any time soon.

LinuxSecurity.com Team
Mar 18, 2022

New malware hides as legit nginx process on e-commerce servers

eCommerce servers are being targeted with remote access malware that hides on Nginx servers in a way that makes it virtually invisible to security solutions. “NginRAT essentially hijacks a host Nginx application to stay undetected. To do that, NginRAT modifies core functionality of the Linux host system. When the legitimate Nginx web server uses such functionality (eg dlopen), NginRAT intercepts it to inject itself.”

LinuxSecurity.com Team
Dec 03, 2021

CronRat Magecart malware uses 31st February date to remain undetected

Security researchers have discovered a Linux-based remote access trojan (RAT) that uses an unusual stealth technique to remain out of sight from security products. The malware, dubbed CronRat, hides in the calendar subsystem of Linux servers (“cron”) on a non-existent day, 31 February, according to a blog post by security researchers at Sansec.

LinuxSecurity.com Team
Nov 29, 2021

Hackers deploy Linux malware, web skimmer on eCommerce servers

Attackers are deploying a Linux backdoor on compromised e-commerce servers after injecting a credit card skimmer into online shops' websites.

LinuxSecurity.com Team
Nov 19, 2021

These stealthy hackers avoid Windows but target Linux as they look to steal phone data

The stealthy LightBasin hacking group (also known as UNC1945) is infiltrating telecommunications companies around the world in a campaign that researchers have linked to intelligence gathering and cyber espionage. LightBasin's primary focus is on Linux and Solaris servers that are critical for running telecommunications infrastructure – and are likely to have less security measures in place than Windows systems.

LinuxSecurity.com Team
Oct 22, 2021

Newly Found npm Malware Mines Cryptocurrency on Windows, Linux, macOS Devices

Multiple malicious packages have been identified on the npm registry this month. These packages disguise themselves as legitimate JavaScript libraries, but have been caught launching cryptominers on Linux, Windows and MacOS machines.

LinuxSecurity.com Team
Oct 21, 2021

FontOnLake malware infects Linux systems via trojanized utilities

The newly discovered FontOnLake malware family delivers backdoor and rootkit components to infect Linux systems concealed in legitimate binaries.

LinuxSecurity.com Team
Oct 11, 2021

Hacks/Cracks - Page 6

Akira Ransomware Gang Targets Linux Servers, Extorts $42 Million

Threat Actors Are Actively Using Pupy RAT Malware to Attack Linux Systems

Linux Version of DinodasRAT Raises Serious Security Concerns