Linux Computers Targeted with Fresh Fysbis Spying Malware
A new malicious program called Fysbis, also known as Linux.BackDoor.Fysbis, has been created to target Linux computers. It installs a backdoor that reportedly opens the machine to the malware's owner, allowing him to spy on the user and carry out further attacks.
Fysbis was first seen in November 2014. However, only recently did security investigators at Palo Alto Networks manage to identify the threat's perpetrator and its mode of operation. After extensive research, the investigators speculate that the malware isn't the usual type that infects PCs so that crooks can gain monetarily through activities like Bitcoin mining, banking operations or adware. Rather, it's a far more advanced piece that's used solely within cyber-espionage schemes.
For a routine Linux end-user playing online games via Steam, the threat doesn't pose any danger. Conversely, staff members of government departments, people handling extremely critical data centers or Linux servers, and employees of major multinational companies could find Fysbis on their devices.
Furthermore, Fysbis creates a remote shell on target computers; executes commands it receives from the attacker; locates, records, stores, erases or runs files; and intercepts keystrokes.
Palo Alto investigators say that the developer of the malicious program is the notorious online spying gang called APT 28. The gang has gained considerable notoriety and is understood to be linked to Russia. While it attacks globally, it concentrates on defense, non-profit and government organizations, along with various governments of Eastern Europe. Numerous reports have been published about its activities, and there is even a Wikipedia entry for the gang. Techworm posted this on February 13, 2016.
Additionally, the malware is small in size, can receive fresh modules, and works whether or not it has root privileges, thus making APT 28 versatile.
The researchers note that despite a lingering belief that Linux is better safeguarded against cyber-miscreants, there are still vulnerabilities and malware for it that sophisticated adversaries leverage. Indeed, Linux security continues to mature, particularly with respect to malware, they conclude.
» SPAMfighter News - 2/22/2016