Security News > 2022 > July > New ‘Lightning Framework’ Linux malware installs rootkits, backdoors
A new and previously undetected malware dubbed 'Lightning Framework' targets Linux systems and can be used to backdoor infected devices using SSH and deploy multiple types of rootkits.
Described as a "Swiss Army Knife" in a report published today by Intezer, Lightning Framework is a modular malware that also comes with support for plugins.
Lightning Framework is built using a simple structure: a downloader component that will download and install the malware's other modules and plugins, including its core module, on compromised Linux devices.
"The Lightning Framework is an interesting malware as it is not common to see such a large framework developed for targeting Linux," Robinson concluded.
Lightning Framework is just the latest Linux malware strain capable of fully compromising and backdooring devices that surfaced recently.
A fourth Linux malware strain, a rootkit dubbed Syslogk unveiled by Avast researchers last month, has the capability to force-load its modules into the Linux kernel, backdoor infected machines, and hide network traffic and artifacts to evade detection.
News URL
Related news
- New Perfctl Malware Targets Linux Servers for Cryptocurrency Mining and Proxyjacking (source)
- Linux malware “perfctl” behind years-long cryptomining campaign (source)
- Linux systems targeted with stealthy “Perfctl” cryptomining malware (source)
- New FASTCash malware Linux variant helps steal money from ATMs (source)
- New Linux Variant of FASTCash Malware Targets Payment Switches in ATM Heists (source)
- New CRON#TRAP Malware Infects Windows by Hiding in Linux VM to Evade Antivirus (source)
- Researchers unearth two previously unknown Linux backdoors (source)
- Chinese APT Gelsemium Targets Linux Systems with New WolfsBane Backdoor (source)
- Chinese hackers target Linux with new WolfsBane malware (source)