Security News > 2020 > April > China-Linked Hackers Systematically Targeted Linux Servers for Years
Successfully conducting cross-platform attacks targeting Linux, Windows and Android devices, the adversaries have been engaged in both financially motivated and targeted espionage attacks.
For years, these groups have been strategically targeting Linux servers across a broad range of industry verticals, exploiting the immature defensive coverage within the environment and the inadequate use of endpoint protection and endpoint detection and response products, BlackBerry notes.
The targeting of Linux systems, BlackBerry argues, is significant because the platform dominates the backend infrastructure of large modern data centers and powers roughly all of the most advanced supercomputers in the world.
This always-on, always-available nature of Linux servers has allowed the attackers to establish an operations beachhead in the targeted networks, while remaining virtually undetected for almost a decade, the security researchers say.
Other threat actors target Linux as well, but Linux malware is overall rare compared to the sheer volume of malicious tools targeting Windows and MacOS operating systems.
News URL
Related news
- China-Linked Hackers Exploit SAP and SQL Server Flaws in Attacks Across Asia and Brazil (source)
- Chinese Hackers Target Linux Systems Using SNOWLIGHT Malware and VShell Tool (source)
- New BPFDoor Controller Enables Stealthy Lateral Movement in Linux Server Attacks (source)
- ASUS releases fix for AMI bug that lets hackers brick servers (source)
- Hackers Exploit Critical Craft CMS Flaws; Hundreds of Servers Likely Compromised (source)
- Chinese hackers behind attacks targeting SAP NetWeaver servers (source)
- Hackers now testing ClickFix attacks against Linux targets (source)
- Türkiye Hackers Exploited Output Messenger Zero-Day to Drop Golang Backdoors on Kurdish Servers (source)
- Russia-linked hackers target webmail servers in Ukraine-related espionage operation (source)
- Czech Republic Blames China-Linked APT31 Hackers for 2022 Cyberattack (source)