The FBI and the NSA Have Revealed That the Russians Are Going After Linux

Russian hacker groups are taking a growing interest in this operating system.

Linux has a reputation as the most secure operating system, and some believe these computers are not exposed to viruses. That claim may have been valid 15 years ago, but it is not the case today. The FBI and the NSA have released a report detailing a new malware, dubbed Drovorub, that targets Linux systems. The two American agencies accuse APT28, a group attached to the Russian military intelligence service (GRU).

Drovorub is a veritable suite that integrates an infection module, a rootkit, a file transfer utility, a port forwarding tool and a command and control server. The malware can also be used to perform various actions, such as retrieving files or controlling the device.

Linux increasingly in the sights of hackers
To protect yourself, the report recommends upgrading to Linux kernel 3.7, which requires module signing. It also advises enabling UEFI Secure Boot, which blocks bootkits, at least as long as the hackers do not use the BootHole flaw … The report also proposes a number of methods to detect the presence of Drovorub with various tools, such as Snort, Yara or Volatility.
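
As an added example (not taken from the FBI/NSA report or from this article), the shell functions below check a host for the preventive measures named above: a kernel of at least 3.7, module signature enforcement actually switched on, and UEFI Secure Boot. The function names are hypothetical; the sysfs, procfs and efivars paths are the standard Linux ones.

```shell
#!/bin/sh
# Added example: hardening audit for the measures named in the report.
# Function names are hypothetical; paths are the standard sysfs/procfs/efivars ones.

# kernel_at_least RELEASE MAJOR MINOR: true if RELEASE (uname -r style) >= MAJOR.MINOR
kernel_at_least() {
    kal_rel=${1%%[-+]*}              # "5.15.0-91-generic" -> "5.15.0"
    kal_major=${kal_rel%%.*}
    kal_rest=${kal_rel#*.}
    kal_minor=${kal_rest%%.*}
    [ "$kal_major" -gt "$2" ] || { [ "$kal_major" -eq "$2" ] && [ "$kal_minor" -ge "$3" ]; }
}

# module_sig_enforced [FILE]: true if module.sig_enforce is on.
# When it reads N, the kernel checks signatures but this setting does not require them.
module_sig_enforced() {
    mse_f=${1:-/sys/module/module/parameters/sig_enforce}
    [ -r "$mse_f" ] && [ "$(cat "$mse_f")" = "Y" ]
}

# secure_boot_enabled [FILE]: the efivars file holds 4 attribute bytes, then 1 = enabled.
secure_boot_enabled() {
    sbe_f=${1:-/sys/firmware/efi/efivars/SecureBoot-8be4df61-93ca-11d2-aa0d-00e098032b8c}
    [ -r "$sbe_f" ] && [ "$(od -A n -t u1 -j 4 -N 1 "$sbe_f" | tr -d ' \n')" = "1" ]
}

# unsigned_modules [FILE]: names of loaded modules carrying the E (unsigned) taint flag.
unsigned_modules() {
    awk '$NF ~ /^\(.*E.*\)$/ { print $1 }' "${1:-/proc/modules}"
}

audit() {
    rc=0
    kernel_at_least "$(uname -r)" 3 7 || { echo "FAIL kernel is older than 3.7"; rc=1; }
    module_sig_enforced || { echo "FAIL module signature enforcement (sig_enforce) is off"; rc=1; }
    secure_boot_enabled || { echo "FAIL UEFI Secure Boot is off or unreadable"; rc=1; }
    um=$(unsigned_modules | tr '\n' ' ')
    [ -z "$um" ] || { echo "WARN unsigned modules loaded: $um"; rc=1; }
    return "$rc"
}

# Run the audit against this host only when asked: sh audit.sh --run
if [ "${1:-}" = "--run" ]; then audit; fi
```

A clean result only describes configuration: a rootkit that hides its own module will not show up in /proc/modules, which is why the report pairs these measures with detection through Snort, Yara and Volatility.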

Attacks by Russian groups against Linux kernel-based systems are on the rise. In 2018, ESET discovered 12 new families of malware targeting this operating system. The same year, a malware called VPNFilter, also attributed to APT28, infected routers. In 2019, Microsoft discovered another malware targeting connected devices and attributed to the same Russian group, referred to here as Strontium. The growing popularity of Linux for servers and connected devices, especially in the most sensitive infrastructures, risks making it a prime target for new attacks.


The FBI and the NSA recently reported the detection of Drovorub, a new Russian malware. The program attacks Linux and can control the device as well as its files.
