Here's a warning to all Linux users. The United States Federal Bureau of Investigation (FBI) and the National Security Agency (NSA) revealed in a report that they found hidden malware lurking on Linux-based computers. Both agencies point the finger at Russian hackers. What can this 'Fancy Bear' malware do, and how can you avoid becoming a victim?
Warning: Russian hackers are back!
As reported via Reuters, on Thursday, Aug. 13, the FBI and NSA told the media that a sophisticated Russian hacking tool was recently found on Linux-based computers.
According to their report, Russia's Main Intelligence Directorate, known as the GRU, was using a hacking tool codenamed "Drovorub." They claim that it is the work of APT28 (Fancy Bear, Sednit), a codename normally given to the hackers operating out of the Russian military group.
Linux is an open-source operating system that is normally used for web-serving, databases, or computing. It is a close competitor of Microsoft.
"Linux systems are used pervasively throughout National Security Systems, the Department of Defense, and the Defense Industrial Base - as well as the larger cybersecurity community writ large," Keppel Wood, chief operations officer in the NSA's Cybersecurity Directorate, told Reuters. "The malware has the potential to have a widespread impact if network defenders don't take action against it."
Through the warning, both security agencies said that private companies should be alert and raise awareness, especially if they use the software.
What is 'Drovorub' malware?
As further explained by McAfee CTO Steve Grobman via ZDNet, 'Drovorub' is a Linux malware toolset that inserts a 'kernel module rootkit' into a computer's system.
This implant includes an automatic file transfer and port forwarding tool. In practice, it means that hackers can easily control and access a computer once the malware is inside the system.
"In addition to Drovorub's multiple capabilities, it is designed for stealth by utilizing advanced 'rootkit' technologies that make detection difficult," the McAfee exec added. "The element of stealth allows the operatives to implant the malware in many different types of targets, enabling an attack at any time."
The Russian GRU has not yet commented on the issue. However, the McAfee expert raised another concern: he warned that Drovorub could pose a threat of espionage or, worse, election interference in the country.
How to prevent getting hacked?
The FBI listed things that Linux owners can do to avoid becoming a victim of the Russian hackers.
The agency recommends updating any Linux systems they have in the office or at home, specifically to kernel version 3.7 or later.
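A host audit for the kernel recommendation above, written as an added example (not taken from the FBI/NSA report or from this article). It goes beyond the article by also reading the kernel's module signature enforcement parameter, because signed loadable modules are the feature that arrived in kernel 3.7 and are what stops an unsigned rootkit module from loading; the function names are hypothetical.

```shell
#!/bin/sh
# Added example: audit a host against the "kernel 3.7 or later" guidance.

# Return 0 if a `uname -r` style release is >= MIN_MAJOR.MIN_MINOR,
# 1 if it is older, 2 if it cannot be parsed. Distro suffixes such as
# "3.10.0-1127.el7.x86_64" or "5.4.0-42-generic" are handled.
kernel_at_least() {
    release=$1 min_major=$2 min_minor=$3
    case $release in *.*) ;; *) return 2 ;; esac
    major=${release%%.*}
    rest=${release#*.}
    minor=${rest%%[!0-9]*}          # digits up to the next separator
    case $major in ''|*[!0-9]*) return 2 ;; esac
    [ -n "$minor" ] || return 2
    [ "$major" -gt "$min_major" ] && return 0
    [ "$major" -eq "$min_major" ] && [ "$minor" -ge "$min_minor" ] && return 0
    return 1
}

# Report module signature enforcement from the kernel's sysfs parameter.
# The optional path argument exists so the function can be run on a fixture.
sig_enforce_state() {
    param=${1:-/sys/module/module/parameters/sig_enforce}
    if [ ! -r "$param" ]; then
        echo "unavailable"       # parameter absent: no module signing support
    elif [ "$(cat "$param")" = "Y" ]; then
        echo "enforced"          # only validly signed modules will load
    else
        echo "not-enforced"      # per this parameter, unsigned modules load
    fi
}

# Print both findings for the machine the script runs on.
audit_host() {
    running=$(uname -r)
    if kernel_at_least "$running" 3 7; then
        echo "kernel $running: meets the 3.7 minimum"
    else
        echo "kernel $running: below 3.7 or unparsable, update required"
    fi
    echo "module signature enforcement: $(sig_enforce_state)"
}

audit_host
```

A host that reports a new enough kernel but `not-enforced` or `unavailable` still accepts unsigned kernel modules as far as this parameter is concerned, so the version number alone is not the whole check.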
This article is owned by Tech Times
Written by Jamie Pancho