Linux malware gaining favor among cybercriminals


6 replies to this topic

#1 OFFLINE   mhbell

mhbell

    Posting Prodigy

  • Members
  • 2,160 posts

Posted 29 June 2017 - 04:43 PM

Well folks, it looks like as Linux is gaining popularity it is also gaining more viruses and malware from cybercriminals. Up 36 percent.
Mel


Linux malware is becoming a more important tool for cybercriminals as these individuals focus a greater portion of their attention on attacking IoT devices running the open-source operating system.

WatchGuard's Internet Security Report Q1 2017 found malware targeting Linux now comprises 36 percent of all malware spotted by WatchGuard with three Linux variants, Linux/Exploit, Linux/Downloader and Linux/Flooder, being included in the list of top 10 malware samples of the first quarter. For good measure the report argues PERL/ShellBot could also be considered a Linux malware as it primarily targets systems running that software.

Read More Here

Registered Linux User #239772
Mint 18.1 Cinnamon, MX-16, Siduction LXQT, Debian Stretch, and Other Linux Distros
https://pctechman.wordpress.com/

#2 OFFLINE   securitybreach

securitybreach

    CLI Phreak

  • Forum Admins
  • 22,785 posts

Posted 29 June 2017 - 05:07 PM

Well, there is a simple reason for IoT devices getting hacked. They all use the same ports and default username/passwords. Sort of like how you can get a list of default router username/passwords easily enough by googling, the same holds true for these smart appliances. I watched a security talk the other week that was talking about this same, exact thing. Basically there are all the interconnected devices coming out but none of them offer any kind of real security so you are left with tons of devices that do not allow you to change the default password and such. The only reason why it is Linux getting attacked is because these devices run embedded Linux.

Unless you understand how to configure your devices (MAC filtering and such), these IoT devices are currently wide open for anyone to look up and attack.
CNI Radio/G+ Profile/Configs/PGP Key/comhack π

"Do you begin to see, then, what kind of world we are creating? It is the exact opposite of the stupid hedonistic Utopias that the old reformers imagined. A world of fear and treachery and torment, a world of trampling and being trampled upon, a world which will grow not less but more merciless as it refines itself. Progress in our world will be progress toward more pain." -George Orwell, 1984

#3 OFFLINE   goretsky

goretsky

    Forum Fiend

  • Forum Moderators
  • 1,902 posts

Posted 30 June 2017 - 02:14 AM

Hello,

I did a presentation a few years ago for work in which I referred to it as "The Internet of Infected Things." I wonder if we ever put the slide deck up anywhere? What's interesting is that the targets of attacks still seem to follow a bathtub curve. The little IoT devices mark one peak, while the big server farms mark the other. In the middle, desktops don't seem to be of much interest. Admittedly, there is little ROI for an attacker to go after Linux desktops--they tend to be run by tech-savvy users who usually know a thing or two about security. I would imagine that, financially speaking, there's probably more of an advantage to attacking Macs, since as more expensive computers, they likely belong to people who have larger bank accounts to steal from.

Regards,

Aryeh Goretsky
Dexter is a good dog.

Aryeh Goretsky
Microsoft MVP (Windows - IT Pro)


#4 OFFLINE   abarbarian

abarbarian

    Thread Kahuna

  • Forum MVP
  • 5,274 posts

Posted 30 June 2017 - 05:45 AM

Yep them there Apple users sure do come in useful. There is nothing like a fat juicy sacrificial goat to attract the attention of hungry wolves. The best of it is a great deal of Apple users feel that they are invulnerable and take no precautions at all. :breakfast:
Install ARCH
You'll never need to install it again
"I did and I'm really happy"


#5 OFFLINE   securitybreach

securitybreach

    CLI Phreak

  • Forum Admins
  • 22,785 posts

Posted 30 June 2017 - 06:00 AM

goretsky, on 30 June 2017 - 02:14 AM, said:

Hello,

I did a presentation a few years ago for work in which I referred to it as "The Internet of Infected Things." I wonder if we ever put the slide deck up anywhere? What's interesting is that the targets of attacks still seem to follow a bathtub curve. The little IoT devices mark one peak, while the big server farms mark the other. In the middle, desktops don't seem to be of much interest. Admittedly, there is little ROI for an attacker to go after Linux desktops--they tend to be run by tech-savvy users who usually know a thing or two about security. I would imagine that, financially speaking, there's probably more of an advantage to attacking Macs, since as more expensive computers, they likely belong to people who have larger bank accounts to steal from.

Regards,

Aryeh Goretsky

Do you publish those talks online in a central place? I would enjoy watching them. I have seen various Eset ones before that you were in but would like to see more.

#6 OFFLINE   goretsky

goretsky

    Forum Fiend

  • Forum Moderators
  • 1,902 posts

Posted 30 June 2017 - 01:41 PM

Hello,

The slide deck in question is at https://www.slidesha...ewfinal-for-pub, with the actual IoT stuff starting on slide 14.  The talk is hosted at https://www.brightta.../110971.  All the talks can be found at https://www.brightta...hreats-channel.

You have to sign up for BrightTalk in order to watch talks, but it's free to do so.  Be sure to uncheck any newsletter-type options, though, I seem to recall them being a bit "chatty" when I set up my account.

Regards,

Aryeh Goretsky

Edited by goretsky, 01 July 2017 - 05:07 PM.
fixed HTML


#7 OFFLINE   securitybreach

securitybreach

    CLI Phreak

  • Forum Admins
  • 22,785 posts

Posted 01 July 2017 - 09:24 AM

goretsky, on 30 June 2017 - 01:41 PM, said:

Hello,

The slide deck in question is at https://www.slidesha...ewfinal-for-pub, with the actual IoT stuff starting on slide 14.  The talk is hosted at https://www.brightta...10971.  All the talks can be found at https://www.brightta...hreats-channel.

You have to sign up for BrightTalk in order to watch talks, but it's free to do so.  Be sure to uncheck any newsletter-type options, though, I seem to recall them being a bit "chatty" when I set up my account.

Regards,

Aryeh Goretsky

Will do, thanks man :)

Ha, I already have an account there.



