Linux @programming.dev lemme in @lemm.ee 1 mo. ago

Chinese hackers exploit Linux with new WolfsBane malware

www.neowin.net Chinese hackers exploit Linux with new WolfsBane malware

ESET researchers uncover "WolfsBane," a Linux backdoor linked to the China-based Gelsemium group. This is Gelsemium's first known Linux malware—hinting at a change in attack strategies.

9 comments

Researchers believe the shift to Linux malware is due to improvements in Windows endpoint security. As a result, threat actors are exploring new attack avenues, increasingly focusing on exploiting flaws in internet-facing systems, most of which run on Linux.

I don‘t get the reasoning here… these servers ran Linux before so what has that to do with Windows endpoints?
- Its called clickbait BS.
  
  These Servers are secured by so much and don't even run out of the box anything, they run entirely custom operating systems based on Linux wich are behind massive Firewalls.
- Idk about the endpoints, but this seems to be targeting desktops and not servers, as those don't have KDE.
- Windows is harder, so less valuable to spend time on.
  
  Windows is harder, so less valuable to spend time on.
  
  lol.
  
  No, it’s because the article is using clickbait and the world’s infrastructure mostly runs on Linux, not windows servers.
Better version

https://www.welivesecurity.com/en/eset-research/unveiling-wolfsbane-gelsemiums-linux-counterpart-to-gelsevirine/
Next week in news: After Russia, Chinese next to get banned from Linux.
- I see that as a possibility but not because they are writing malware
  
  Also China is a much bigger country compared to Russia so there would be a big loss.

You've viewed 9 comments.