Articles about Linux malware

An urban myth used to suggest that Linux was immune to viruses and malware, and is totally secure. This is, of course, nonsense, even if the comparatively low usage makes Linux-based system less likely to be attacked than Windows or macOS.

Highlighting the fact that there is no such thing as a completely secure operating system, Kaspersky has released a new malware scanner for Linux systems. Kaspersky Virus Removal Tool (KVRT) for Linux is a free tool that, although it fails to offer real-time protection, can be used to scan for and remove various forms of malware... albeit with a slight caveat.

Continue reading →

Security researchers at Palo Alto Networks have uncovered a new variant of the notorious Bifrost malware, now targeting Linux systems with a cunning twist. This latest iteration employs a deceptive domain, download.vmfare[.]com, to masquerade as a legitimate VMware site, thereby bypassing security measures and compromising unsuspecting users.

Bifrost, a remote access Trojan (RAT) first identified in 2004, has been a persistent threat, enabling attackers to pilfer sensitive information such as hostnames and IP addresses. The recent surge in Linux variants of Bifrost has sent ripples of concern through the cybersecurity community, signaling a potential uptick in attacks on Linux-based systems.

Continue reading →

Although it has a reputation as a safe and secure operating system, Linux is not immune to malware. Indeed it's become an attractive target as increasing numbers of servers and other devices run Linux-based OSes.

Data analyzed by the Atlas VPN team, based on malware threat statistics from AV-ATLAS, shows new Linux malware threats hit record numbers in 2022, increasing by 50 percent to 1.9 million.

Continue reading →

In the past cybercriminals have tended to shun Linux in favor of more widely used operating systems, but new data indicates that this trend is starting to shift.

Statistics from the Atlas VPN team show new Linux malware reached record numbers in the first half of 2022, with nearly 1.7 million samples being discovered. This puts it in second spot for the number of new samples even though it has only one percent of the OS market (not counting Android).

Continue reading →

Yes, you did read the headline correctly; security researchers have discovered a stealthy new remote access trojan (RAT) designed to attack Linux systems. Named CronRAT, the malware hides as a scheduled task and is configured to run on a non-existent date – February 31st.

Researchers from Sansec warn that CronRAT "enables server-side Magecart data theft which bypasses browser-based security solutions". This is something that is particularly concerning this Black Friday.

Continue reading →