Beware! A New Linux Malware From Russian Hackers Is Stealing Data

fossbytes.com ^ | By Anmol Sachdeva - August 14, 2020

[Red Badger]

Linux ping!.............

[HombreSecreto]

In Russia, data steals from you...

[Buckeye McFrog]

so....this means what for my little Linux laptop that I use to read news and check email?

[Bob434]

wouldn’t you have to download something that contained it first? (I don’t know much abotu how viruses work- or infect- )

[Red Badger]

Ping!...............

[Red Badger]

Your little Linux Laptop is spying on you for Russia!.............

[Red Badger]

Sometimes all you have to do is just go to a website and you’re infected........Or a e-mail from a friend or relative has it because they did..............

[Bob434]

ok thanks-

Here’s a site that talks abotu how to ‘harden linux’ but it’s way above my capabilities- others might like to see it though?

https://www.mcafee.com/blogs/other-blogs/mcafee-labs/on-drovorub-linux-kernel-security-best-practices/

Would be nice if we could run linux in a sandbox like environment, and delete the daily sessions every evening- I suppose virtualbox coudl do that- would have to look into that- how to get email in it- and not lose emails when session is deleted- (We’re very careful abotu our emails, but yup- others coudl send it- but we don’t open attachments unless we know it’s benign things like family photos or something)

[wally_bert]

I can’t even enjoy Linux anymore.

Nothing is sacred.

[epluribus_2]

This is also a good way to get you to update your systems to the CIA kernel mod needed before election day. How would we know one way or the other?

[McGruff]

Lunix Malware?

[Campion]

Keep all Linux systems updated to kernel version 3.7 or later.

A lot of distros do a wretched job of keeping their kernel updated. For reference, kernel version 5.8 was just released. If you can, learn to build & install your own kernel.

[Pollard]

uname -r

tells me 5.4.0-42-generic on Kubuntu 20.04

The NSA and FBI have been explicit in their report that systems with a kernel version of 3.7 or lower are most susceptible to Drovorub malware due to the absence of adequate kernel signing enforcement.

Some tips here on McAfee website. https://www.mcafee.com/blogs/other-blogs/mcafee-labs/on-drovorub-linux-kernel-security-best-practices/

[Polynikes]

That’s ok neither do most public health directors.

[Campion]

That’s way better than 3.7 !

[zeugma]

Sometimes all you have to do is just go to a website and you’re infected........Or a e-mail from a friend or relative has it because they did..............

It would have to be something that can escalate privs to root. In Linux, I don't know of any email programs that will auto-execute attachments. Attachments are generally saved with a filemask of 644 or 640, which will not execute natively.

[Balding_Eagle]

Linux used to be a small almost unknown operating system, and not worth hacking into.

That’s all changed.

Go find a small unknown system and all will be good again.

[wally_bert]

I toyed with Linux off and on.

Suse was my favorite back when it was young.

[SuperLuminal]

Guess my DOS machine is safe...