Posted on 09/22/2021 11:42:37 AM PDT by Openurmind
Security researchers have discovered malicious Linux binaries created for the Windows Subsystem for Linux (WSL), indicating that hackers are trying out new methods to compromise Windows machines.
The finding underlines that threat actors are exploring new methods of attack and are focusing their attention on WSL to evade detection.
Using WSL to avoid detection
The first samples targeting the WSL environment were discovered in early May and continued to appear every two to three weeks until August 22. They act as loaders for the WSL environment and enjoy very low detection on public file scanning services.
In a report today, security researchers at Lumen’s Black Lotus Labs say that the malicious files either have the payload embedded or fetch it from a remote server.
The next step is to inject the malware into a running process using Windows API calls, a technique that is neither new nor sophisticated.
From the small number of samples identified, only one came with a publicly routable IP address, hinting that threat actors are testing the use of WSL to install malware on Windows.
The malicious files rely mainly on Python 3 for carrying out their tasks and are packaged as an ELF executable for Debian using PyInstaller...
(Excerpt) Read more at bleepingcomputer.com ...
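The excerpt describes the samples as ELF executables built with PyInstaller. A defender triaging files dropped into a WSL distribution can check for that profile cheaply: an ELF header plus PyInstaller's archive cookie (the real `MEI\x0c\x0b\x0a\x0b\x0e` magic that PyInstaller's bootloader writes into every bundle). The script below is an added example written for this thread, not code from the article or from Black Lotus Labs; the sample file it scans is constructed in-line so it runs offline, and a match only means "PyInstaller-packaged ELF", which legitimate software can be too.

```python
#!/usr/bin/env python3
"""Triage helper: flag ELF files that carry a PyInstaller archive cookie.

Added example for defenders; the sample bytes are constructed, not a real loader.
"""
import struct

ELF_MAGIC = b"\x7fELF"
# Cookie magic written by PyInstaller's bootloader at the end of its CArchive.
PYINSTALLER_MAGIC = b"MEI\x0c\x0b\x0a\x0b\x0e"
EM_X86_64 = 62  # e_machine value for x86-64


def parse_elf_header(data: bytes):
    """Return class/type/machine from an ELF header, or None if not ELF."""
    if len(data) < 20 or data[:4] != ELF_MAGIC:
        return None
    ei_class = data[4]  # 1 = 32-bit, 2 = 64-bit
    ei_data = data[5]   # 1 = little-endian, 2 = big-endian
    endian = "<" if ei_data == 1 else ">"
    e_type, e_machine = struct.unpack(endian + "HH", data[16:20])
    return {"class": 64 if ei_class == 2 else 32, "type": e_type, "machine": e_machine}


def triage(data: bytes) -> dict:
    """Report whether a blob matches the 'ELF packaged with PyInstaller' profile."""
    hdr = parse_elf_header(data)
    result = {
        "is_elf": hdr is not None,
        "pyinstaller_cookie": PYINSTALLER_MAGIC in data,
        "indicators": [],
    }
    if hdr is not None:
        result["indicators"].append(f"ELF{hdr['class']} e_type={hdr['type']} e_machine={hdr['machine']}")
    if result["pyinstaller_cookie"]:
        result["indicators"].append("PyInstaller archive cookie present")
    # Both together is the profile the report describes; neither alone is conclusive.
    result["matches_profile"] = result["is_elf"] and result["pyinstaller_cookie"]
    return result


def triage_file(path: str) -> dict:
    """Convenience wrapper for scanning a file on disk (e.g. under \\\\wsl$\\<distro>\\)."""
    with open(path, "rb") as fh:
        return triage(fh.read())


def build_constructed_sample() -> bytes:
    """Construct a minimal fake ELF64 blob with a PyInstaller cookie appended (test data only)."""
    ident = ELF_MAGIC + bytes([2, 1, 1, 0]) + b"\x00" * 8  # ELFCLASS64, little-endian, EV_CURRENT
    rest = struct.pack(
        "<HHIQQQIHHHHHH",
        2, EM_X86_64, 1,      # e_type=ET_EXEC, e_machine, e_version
        0x401000, 64, 0,      # e_entry, e_phoff, e_shoff
        0, 64, 56, 1, 64, 0, 0,  # e_flags, e_ehsize, e_phentsize, e_phnum, e_shentsize, e_shnum, e_shstrndx
    )
    header = ident + rest  # 16 + 48 = 64 bytes
    body = b"\x00" * 256 + b"constructed filler, not a real loader\n"
    return header + body + PYINSTALLER_MAGIC + b"\x00" * 16


if __name__ == "__main__":
    sample = build_constructed_sample()
    for line in triage(sample)["indicators"]:
        print(line)
```

Run it against the files in a WSL distribution's filesystem rather than the constructed sample, and treat a match as a prompt to look closer (what the bundle contains, where it came from), not as a verdict.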
oops—I just posted it also
I will ask to have mine pulled Ace... Yours still up?
No—mine got pulled
OK, thank you! Sorry about that!
Thank you for the Ping! :)
Since WSL 2 basically is the Linux kernel tacked on to Windows it is going to be vulnerable to Linux viruses.
So....you’re saying....when Microsoft does Linux, it ceases to be secure. Hmmm.....
From what I understand it is not a “Linux Virus” that can even affect Linux. It is bad actors using Linux to exploit holes in what windows thinks is their own safe version of Linux experience to attack windows, not the Linux. Windows can’t even do Linux without still having holes in their windows software. lol
Lol... That is what it looks like. :)
I think it is wiser to just dual boot a Linux. :)
Docker on WSL2 can either host Windows containers or Linux containers, but not both concurrently. The containers are going to end up in an AWS or Azure cloud whenever the customer makes a decision.
It takes someone with the technical brilliance of Bill Gates to make such a disaster out of Linux.
I still can’t see the appeal of running Linux on Windows when dual-booting is relatively easy using the real deal (in over a dozen variants). Now we have a perfectly good reason to avoid this novelty altogether.
Simple. Windows as a desktop environment is far more compatible with the business and engineering worlds than Linux. But Linux is far better for software development. So, for decades, Windows software developers have suffered with the Windows-based software development tools -- they're good, don't get me wrong, but they're not anywhere near as good as the standard Unix/POSIX/Linux toolsets.
So the reason to run Linux within Windows is that you get the best of both worlds -- simultaneously, which you don't get with dual/multi-boot. And if you have a Windows mindset, it's the way to go.
Personally, I have a POSIX mindset, so I do it the other way -- Linux is my desktop, and I have an RDP session always open to my Windows VM for the Windows business tools. The reason I do that is that IMO Linux has better multi-workspace handling, and I typically have 6-8 workspaces going concurrently. If I only needed one or two, I'd consider trying Windows for the desktop and Linux via the Subsystem.
Thanks to ShadowAce for the ping!
Knowing Micro$uck, I am sure it was intentional.. :P
Well said. My source told me this...
“Microsoft rewrote Linux... the first thing that was going to happen (of course), is that it would get malware”