Linux botnet abuses log4j to attack Arm, x86-based devices
A new Linux botnet, B1txor20, that targets Arm and 64-bit x86 systems shows log4j isn't going away any time soon.
Discover Hacks/Cracks News
New malware hides as legit nginx process on e-commerce servers
eCommerce servers are being targeted with remote access malware that hides on Nginx servers in a way that makes it virtually invisible to security solutions. “NginRAT essentially hijacks a host Nginx application to stay undetected. To do that, NginRAT modifies core functionality of the Linux host system. When the legitimate Nginx web server uses such functionality (eg dlopen), NginRAT intercepts it to inject itself.”
CronRat Magecart malware uses 31st February date to remain undetected
Security researchers have discovered a Linux-based remote access trojan (RAT) that uses an unusual stealth technique to remain out of sight from security products. The malware, dubbed CronRat, hides in the calendar subsystem of Linux servers (“cron”) on a non-existent day, 31 February, according to a blog post by security researchers at Sansec.
Hackers deploy Linux malware, web skimmer on eCommerce servers
Attackers are deploying a Linux backdoor on compromised e-commerce servers after injecting a credit card skimmer into online shops' websites.
These stealthy hackers avoid Windows but target Linux as they look to steal phone data
The stealthy LightBasin hacking group (also known as UNC1945) is infiltrating telecommunications companies around the world in a campaign that researchers have linked to intelligence gathering and cyber espionage. LightBasin's primary focus is on Linux and Solaris servers that are critical for running telecommunications infrastructure – and are likely to have less security measures in place than Windows systems.
Newly Found npm Malware Mines Cryptocurrency on Windows, Linux, macOS Devices
Multiple malicious packages have been identified on the npm registry this month. These packages disguise themselves as legitimate JavaScript libraries, but have been caught launching cryptominers on Linux, Windows and MacOS machines.
FontOnLake malware infects Linux systems via trojanized utilities
The newly discovered FontOnLake malware family delivers backdoor and rootkit components to infect Linux systems concealed in legitimate binaries.
