Linux-Unix

A Malware is Allegedly Creeping in on Linux Systems and it’s Aggressive

Linux systems have been under attack by different kinds of malware and worms in the past including the famous one Mirai which literally means Japanese future. Mirai was developed by three American students and was considered deadly for Linux. Only recently, a new kind of a worm is roaming around and gradually creeping in on the systems of Linux and is being considered quite aggressive by malware experts. Although, the information and facts surrounding this new addition to Linux’s worm family is still vague, some authentic news from a twitter user has arrived.

According to the twitter user @VessOnSecurity (an anti-virus, malware and infosec expert), a new worm or malware has been discovered on the Linux systems.

His tweet’s link can be accessed here:

He claims that little is known regarding what it really is but it seems to be spreading on Linux quite aggressively. The attack-pattern in his opinion seems to be Mirai-like in which a botnet could nest on over 500,000 Linux IoT systems, but it is certainly not Marai this time as the uploads in this worm come from thousands of different IPs instead of from a few repositories as was the case with Mirai. His tweet claims: ‘The executable is packed, the commands are quite polymorphic.” The particular executable that he mentions seems to be around for a week and is being noticed quite a lot but the original malware is older and transforms its code regularly.

Image Taken from BornCity

@VessOnSecurity went on to share a map that displayed countries the SSH Honeypot and Telnet are accessing most frequently. USA, as expected, holds the top position. The map shows unusually large numbers of unique URLs and IPs which are attributed to the Mirai-like worm that is creeping onto the Linux systems.

This means that the attacking systems mainly are located in the US, but other countries like Netherlands, France, Italy, England, Greece, Ireland, Poland, Germany and Romania are also to be blamed.

More details regarding the nature, target depth and aggressiveness of the worm are expected to be released some time soon.


Close