Security News > 2023 > September > Free Download Manager Site Compromised to Distribute Linux Malware to Users for 3+ Years

A download manager site served Linux users malware that stealthily stole passwords and other sensitive information for more than three years as part of a supply chain attack.

The modus operandi entailed establishing a reverse shell to an actor-controlled server and installing a Bash stealer on the compromised system.

Org, which, according to the Russian cybersecurity firm, offers a legitimate Linux software called "Free Download Manager," but starting in January 2020, began redirecting some users who attempted to download it to another domain deb.

The collection information is then uploaded to the attacker's server using an uploader binary downloaded from the C2 server.

What's evident is that not everyone who downloaded the software received the rogue package, enabling it to evade detection for years.

"While the campaign is currently inactive, this case of Free Download Manager demonstrates that it can be quite difficult to detect ongoing cyberattacks on Linux machines with the naked eye," the researchers said.

News URL

https://thehackernews.com/2023/09/free-download-manager-site-compromised.html