dChan
Anonymous ID: 43e75a Jan. 21, 2024, 12:31 p.m. No.20278674   🗄️.is 🔗kun   >>8923 >>8979 >>9050 >>9068

Jan 10, 2024

Linux devices are under attack by a never-before-seen worm | Ars Technica

 

https://arstechnica.com/security/2024/01/a-previously-unknown-worm-has-been-stealthily-targeting-linux-devices-for-a-year/

 

"… On Wednesday, researchers from network security and reliability firm Akamai revealed that a previously unknown Mirai-based network they dubbed NoaBot has been targeting Linux devices since at least last January. Instead of targeting weak telnet passwords, the NoaBot targets weak passwords connecting SSH connections. Another twist: Rather than performing DDoSes, the new botnet installs cryptocurrency mining software, which allows the attackers to generate digital coins using victims’ computing resources, electricity, and bandwidth. The cryptominer is a modified version of XMRig, a piece of legitimate open-source software being abused by the threat actor. More recently, NoaBot has been used to also deliver P2PInfect, a separate worm researchers from Palo Alto Networks revealed last July. …"

Anonymous ID: 43e75a Jan. 21, 2024, 12:34 p.m. No.20278688   🗄️.is 🔗kun   >>8923 >>8979 >>9050 >>9068

https://www.csoonline.com/article/1291144/magic-keyboard-vulnerability-allows-takeover-of-ios-android-linux-and-macos-devices.html

 

“Newlin then turned to Linux. “It turns out that the Linux attack is very, very similar,” he said. “On Linux, as long as the host is discoverable and connectable over Bluetooth, the attacker can force-pair a keyboard and inject keystrokes without the user’s confirmation. And so, this is distinct from Android in that the device has to be not only connectable but also discoverable and connectable on Linux for the attack.” Linux fixed this bug in 2020 but left the fix disabled by default.“