The officially official Devuan Forum!

You are not logged in.

#1 2021-02-03 14:53:30

Altoid
Member
Registered: 2017-05-07
Posts: 1,415  

Kobalos malware - possibly ported to Linux

Hello:

Just a heads up so we're all on our toes:

This morning's article in The Register:
https://www.theregister.com/2021/02/03/kobalos_malware/

ESET page on the matter:

ESET wrote:

We reverse engineered this small, yet complex, malware that is portable to many operating systems including Linux, BSD, Solaris, and possibly AIX and Windows.

https://www.welivesecurity.com/2021/02/ … structure/

Best,

A.

Last edited by Altoid (2021-02-03 14:55:51)

Offline

#2 2021-02-04 07:01:38

dice
Member
Registered: 2020-11-22
Posts: 559  
Website

Re: Kobalos malware - possibly ported to Linux

Thanks for the heads up.

From this article it says...

https://insidehpc.com/2021/02/report-se … x-malware/

To reduce the Kobalos threat, ESET suggested implementing a two-factor authentication for connecting to SSH servers because “stolen credentials seems to be one of the ways it is able to propagate to different systems.”

Last edited by dice (2021-02-04 07:02:04)

Offline

#3 2021-02-04 16:14:29

Head_on_a_Stick
Member
From: London
Registered: 2019-03-24
Posts: 3,125  
Website

Re: Kobalos malware - possibly ported to Linux

To remove the risk completely:

# apt purge openssh-{client,server}

Brianna Ghey — Rest In Power

Offline

#4 2021-02-05 12:13:42

dice
Member
Registered: 2020-11-22
Posts: 559  
Website

Re: Kobalos malware - possibly ported to Linux

Head_on_a_Stick wrote:

To remove the risk completely:

# apt purge openssh-{client,server}

Be nice to see libressl ported to devuan/debian as in maintained by devuan/debian. If i was smart enough i would give it a try. Not that it matters with this type of malware i dont suppose.

Offline

Board footer