New ‘Lightning Framework’ Linux malware installs rootkits, backdoors
2022-07-21 09:42

A new and previously undetected malware dubbed 'Lightning Framework' targets Linux systems and can be used to backdoor infected devices using SSH and deploy multiple types of rootkits.

Described as a "Swiss Army Knife" in a report published today by Intezer, Lightning Framework is a modular malware that also comes with support for plugins.

Lightning Framework is built using a simple structure: a downloader component that will download and install the malware's other modules and plugins, including its core module, on compromised Linux devices.

"The Lightning Framework is an interesting malware as it is not common to see such a large framework developed for targeting Linux," Robinson concluded.

Lightning Framework is just the latest of several recently surfaced Linux malware strains capable of fully compromising and backdooring devices.

A fourth Linux malware strain, a rootkit dubbed Syslogk, unveiled by Avast researchers last month, has the capability to force-load its modules into the Linux kernel, backdoor infected machines, and hide network traffic and artifacts to evade detection.


News URL

https://www.bleepingcomputer.com/news/security/new-lightning-framework-linux-malware-installs-rootkits-backdoors/

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Linux 11 64 2532 1569 67 4232