
Topic: {Warning}: Skidmap Linux Malware Uses Rootkit Capabilities to Hide Cryptocurrency

legendary
Activity: 2506
Merit: 3645
Scam methods are evolving rapidly, and random handling by downloading a lot of apps puts you at risk.
This makes us emphasize the need to install updates immediately and download them from reliable sources.

Thank you. I read about this topic a few days ago, but the article above contains more detailed information.
legendary
Activity: 2576
Merit: 1655
https://twitter.com/campuscodi/status/1173926466985218049



Quote
Skidmap, a Linux malware that we recently stumbled upon, demonstrates the increasing complexity of recent cryptocurrency-mining threats. This malware is notable because of the way it loads malicious kernel modules to keep its cryptocurrency mining operations under the radar.

Skidmap uses fairly advanced methods to ensure that it and its components remain undetected. For instance, its use of LKM rootkits — given their capability to overwrite or modify parts of the kernel — makes it harder to clean compared to other malware. In addition, Skidmap has multiple ways to access affected machines, which allow it to reinfect systems that have been restored or cleaned up.

Cryptocurrency-mining threats don’t just affect a server or workstation’s performance — they could also translate to higher expenses and even disrupt businesses especially if they are used to run mission-critical operations. Given Linux’s use in many enterprise environments, its users, particularly administrators, should always adopt best practices: keep the systems and servers updated and patched (or use virtual patching for legacy systems); beware of unverified, third-party repositories; and enforce the principle of least privilege to prevent suspicious and malicious executables or processes from running.

https://blog.trendmicro.com/trendlabs-security-intelligence/skidmap-linux-malware-uses-rootkit-capabilities-to-hide-cryptocurrency-mining-payload/

Warning for users of Linux and other Unix-like systems, especially those running a Bitcoin full node underneath.