How cybercriminals are using malware to target Linux-based operating systems

As the most common cloud operating system, Linux is a core part of digital infrastructure and is quickly becoming an attacker's ticket into a multi-cloud environment.
Current malware countermeasures are mostly focused on addressing Windows-based threats, leaving many public and private cloud deployments vulnerable to attacks that target Linux-based workloads, VMware reveals.
"Cybercriminals are dramatically expanding their scope and adding malware that targets Linux-based operating systems to their attack toolkit in order to maximize their impact with as little effort as possible," said Giovanni Vigna, senior director of threat intelligence at VMware.
"Rather than infecting an endpoint and then navigating to a higher value target, cybercriminals have discovered that compromising a single server can deliver the massive payoff and access they're looking for. Attackers view both public and private clouds as high-value targets due to the access they provide to critical infrastructure services and confidential data. Unfortunately, current malware countermeasures are mostly focused on addressing Windows-based threats, leaving many public and private cloud deployments vulnerable to attacks on Linux-based operating systems."
Cybercriminals either include wallet-stealing functionality in malware or they monetize stolen CPU cycles to successfully mine cryptocurrencies in an attack called cryptojacking.
"The findings in this report can be used to better understand the nature of Linux-based malware and mitigate the growing threat that ransomware, cryptomining, and RATs have on multi-cloud environments. As attacks targeting the cloud continue to evolve, organizations should adopt a zero trust approach to embed security throughout their infrastructure and systematically address the threat vectors that make up their attack surface."
News URL
https://www.helpnetsecurity.com/2022/02/09/malware-target-linux/