Security News > 2020 > April > China-Linked Hackers Systematically Targeted Linux Servers for Years
Successfully conducting cross-platform attacks targeting Linux, Windows and Android devices, the adversaries have been engaged in both financially motivated and targeted espionage attacks.
For years, these groups have been strategically targeting Linux servers across a broad range of industry verticals, exploiting the immature defensive coverage within the environment and the inadequate use of endpoint protection and endpoint detection and response products, BlackBerry notes.
The targeting of Linux systems, BlackBerry argues, is significant because the platform dominates the backend infrastructure of large modern data centers and powers roughly all of the most advanced supercomputers in the world.
This always-on, always-available nature of Linux servers has allowed the attackers to establish an operations beachhead in the targeted networks, while remaining virtually undetected for almost a decade, the security researchers say.
Other threat actors target Linux as well, but Linux malware is overall rare compared to the sheer volume of malicious tools targeting Windows and MacOS operating systems.
News URL
Related news
- Volt Typhoon Hackers Exploit Zero-Day Vulnerability in Versa Director Servers Used by MSPs, ISPs (source)
- Linux version of new Cicada ransomware targets VMware ESXi servers (source)
- 'Hadooken' Linux malware targets Oracle WebLogic servers (source)
- New Linux malware Hadooken targets Oracle WebLogic servers (source)
- New Perfctl Malware Targets Linux Servers for Cryptocurrency Mining and Proxyjacking (source)
- New scanner finds Linux, UNIX servers exposed to CUPS RCE attacks (source)
- US, UK warn of Russian APT29 hackers targeting Zimbra, TeamCity servers (source)
- CISA: Hackers abuse F5 BIG-IP cookies to map internal servers (source)