When the Linux Environment Comes Under Cyberattack

Case in point  

• Researchers have pointed out that several cyber gangs have started targeting Linux machines via a fileless malware installation technique that was more commonly used against Windows-based systems.
• One of the gangs on the forefront is TeamTNT using the new Ezuri downloader to decrypt, install and execute a final malware payload from memory, without ever writing to disk.

Even ransomware attackers are shifting to Linux

• According to LinuxSecurity, Linux is becoming an increasingly popular target among ransomware attackers due to its usages across various critical devices.
• One of the recently observed ransomware is a variant of RansomEXX ransomware that has been designed only to target Linux systems.
• Once deployed, the variant generates a 256-bit key and uses it to encrypt all the files belonging to the targeted victim.

What else?

• Last month, researchers uncovered a new cryptomining botnet called PGMiner targeting Linux-based servers that support PostgreSQL databases.
• The botnet was used to illegally mine Monero cryptocurrency from targeted systems.
• Apart from this, last year had also witnessed several other Linux-based botnets, such as a variant of Stantinko botnet and InterPlanetary Storm, attempting to mine cryptocurrencies and deliver malware.

Final words