One Article Review
| Source |  TrendLabs Security |
|---|---|
| Identifiant | 1336741 |
| Date de publication | 2019-09-16 12:10:39 (vue: 2019-09-16 15:00:06) |
| Titre | Skidmap Linux Malware Uses Rootkit Capabilities to Hide Cryptocurrency-Mining Payload |
| Texte |  Skidmap, a Linux malware that we recently stumbled upon, demonstrates the increasing complexity of recent cryptocurrency-mining threats. This malware is notable because of the way it loads malicious kernel modules to keep its cryptocurrency mining operations under the radar.
These kernel-mode rootkits are not only more difficult to detect compared to its user-mode counterparts - attackers can also use them to gain unfettered access to the affected system. A case in point: the way Skidmap can also set up a secret master password that gives it access to any user account in the system. Conversely, given that many of Skidmap's routines require root access, the attack vector that Skidmap uses - whether through exploits, misconfigurations, or exposure to the internet - are most likely the same ones that provide the attacker root or administrative access to the system.
|
| Envoyé | Oui |
| Condensat | access account administrative affected also any appeared are attack attacker attackers because can capabilities case compared complexity conversely counterparts cryptocurrency demonstrates detect difficult exploits exposure first gain given gives hide increasing internet its keep kernel likely linux loads malicious malware many master mining misconfigurations mode modules more most not notable ones only operations password payload point: post provide radar recent recently require root rootkit rootkits routines same secret set skidmap stumbled system them these threats through under unfettered upon use user uses vector way whether |
| Tags | Malware |
| Stories | |
| Notes | |
| Move | 
|
L'article ne semble pas avoir été repris aprés sa publication.
L'article ne semble pas avoir été repris sur un précédent.