Linux maintainers were infected for 2 years by SSH-dwelling backdoor with huge reach
-
Ebury backdoors SSH servers in hosting providers, giving the malware extraordinary reach.
Were they just trying to maintain it?
-
Ebury backdoors SSH servers in hosting providers, giving the malware extraordinary reach.
Were they just trying to maintain it?
Where is now the "in Linux it doesn't happen" group?
M.D.V. ;) If something has a solution... Why do we have to worry about?. If it has no solution... For what reason do we have to worry about? Help me to understand what I'm saying, and I'll explain it better to you Rating helpful answers is nice, but saying thanks can be even nicer.
-
Where is now the "in Linux it doesn't happen" group?
M.D.V. ;) If something has a solution... Why do we have to worry about?. If it has no solution... For what reason do we have to worry about? Help me to understand what I'm saying, and I'll explain it better to you Rating helpful answers is nice, but saying thanks can be even nicer.
They're busy hunting down more of these issues X|
TTFN - Kent
-
Ebury backdoors SSH servers in hosting providers, giving the malware extraordinary reach.
Were they just trying to maintain it?
I don't think many people are onboard with my level of... we'll just call it paranoia because I don't care... Nearly every machine on the planet is likely compromised. I think there's stuff 'living' in bioses, harddisk firmware, any bits of ROM that are somehow accessible, and all sorts of other ways I wouldn't even think of. Probably from here, I read about one that pulled its real payload from the YouTube comments sections where they'd commented a random video with code to pull down! We don't do it, and I don't know that we could afford to, but once you know a machine is compromised I'm not sure why the assumption wouldn't be that unless you incinerate it then it is still infected. I don't actually believe every malware/rootkit some scam call center bought actually goes to this 'nation state' seeming level of act. But I also don't think it's so sophisticated as to require a nation state and think there's more than a few nation states whose existence collectively makes it safe to assume that amongst them, someone has written "the one". It being some bits you can poke for and find just about everywhere... which should not be there.