
Shape-shifting cryptominer savaging Linux endpoints and IoT


securitybreach
Quote

In brief AT&T cybersecurity researchers have discovered a sneaky piece of malware targeting Linux endpoints and IoT devices in the hopes of gaining persistent access and turning victims into crypto-mining drones.

 

The malware was dubbed "Shikitega" for its extensive use of the popular Shikata Ga Nai polymorphic encoder, which allows the malware to "mutate" its code to avoid detection. Shikitega alters its code each time it runs through one of several decoding loops that AT&T said each deliver multiple attacks, beginning with an ELF file that's just 370 bytes. 

 

Shikitega also downloads Mettle, a Metasploit interpreter that gives the attacker the ability to control attached webcams and includes a sniffer, multiple reverse shells, process control, shell command execution and additional abilities to control the affected system. 

 

AT&T didn't say how the initial infection occurs, but it did say Shikitega exploits two Linux vulnerabilities disclosed in 2021 to achieve its ultimate objective, which AT&T said appears to be the installation and execution of the XMRig cryptocurrency miner. 

 

The final stage also establishes persistence, which Shikitega does by downloading and executing five shell scripts that configure a pair of cron jobs for the current user and a pair for the root user using crontab, which it can also install if not available.......

 

https://www.theregister.com/2022/09/10/in_brief_security/


Crypto mining is about to become redundant. Yay! 🙂😎 The amount of electricity used has long been a serious thorn in its side.

Cryptocurrency Ethereum is about to cut its emissions by 99 per cent — a huge shake-up that will challenge Bitcoin

 

 

Quote

Ethereum's project involves ditching the "proof of work" model for a new one called "proof of stake".

Under this model, crypto transactions are validated by users, who stake substantial quantities of blockchain tokens (in this case, Ethereum coins) as collateral. If the users act dishonestly, they lose their stake.

Importantly, it will mean the vast network of supercomputers currently used to check transactions will no longer be required, because users themselves are doing the checking — a relatively easy task. Doing away with the computer "miners" will lead to an estimated 99 per cent drop in Ethereum's electricity use.

 

Still needs work to prevent the billions defrauded in scams. Experts have said investing in cryptocurrency is just gambling that other people are more stupid than you. 🤣


9 hours ago, sunrat said:

Still needs work to prevent the billions defrauded in scams. Experts have said investing in cryptocurrency is just gambling that other people are more stupid than you. 🤣

 

Gambling is the word if folk are trusting ordinary folk to do the checks,

 

"it will mean the vast network of supercomputers currently used to check transactions will no longer be required, because users themselves are doing the checking — a relatively easy task. "

 

🤑
