Security News > 2020 > November > Schneider Electric Warns Customers of Drovorub Linux Malware
One of the security bulletins released this week by Schneider Electric warns customers about Drovorub, a piece of Linux malware that was recently detailed by the NSA and the FBI. The U.S. agencies issued a joint advisory in mid-August to warn organizations that the cyber-espionage group known as APT28, which has been linked to Russia's General Staff Main Intelligence Directorate, has been using a piece of Linux malware named Drovorub.
Schneider Electric has advised customers to implement defense-in-depth recommendations in order to protect their Trio Q Data Radio and Trio J Data Radio devices against the malware.
The French industrial giant told SecurityWeek that while Drovorub can pose a threat to its devices, it's not actually aware of any incident involving the malware.
"When we learned how Drovorub worked, we looked to all of our Linux devices to see if they had the same vulnerabilities. Out of an abundance of caution, we elected to let our users know of the potential issue and offered a mitigation while a fix to the OS was prepared," Andrew Kling, product security officer at Schneider Electric, said via email.
Schneider Electric has advised customers to apply recommended mitigations to reduce the risk of attacks and says it's working on rolling out a fix that should further reduce the risk, but the company told SecurityWeek that it is not aware of any actual vulnerability that could be exploited by the malware so it does not expect to assign a CVE identifier.
News URL
Related news
- Schneider Electric confirms dev platform breach after hacker steals data (source)
- Schneider Electric ransomware crew demands $125k paid in baguettes (source)
- New CRON#TRAP Malware Infects Windows by Hiding in Linux VM to Evade Antivirus (source)
- Chinese hackers target Linux with new WolfsBane malware (source)
- Researchers discover first UEFI bootkit malware for Linux (source)
- BootKitty UEFI malware exploits LogoFAIL to infect Linux systems (source)
- New stealthy Pumakit Linux rootkit malware spotted in the wild (source)
- Iran-Linked IOCONTROL Malware Targets SCADA and Linux-Based IoT Platforms (source)