Just recently, LinuxSecurity published a feature article exploring the rise in attacks targeting Linux, their implications for Linux users and the conclusions that can be drawn about the security of the operating system based on this disheartening trend. Now, yet another frightening attack campaign exploiting Linux has come to light.
In a new report, security researchers from BlackBerry reveal that Chinese state hackers have been successfully infiltrating critical Linux servers with little to no detection since 2012. The researchers identified a previously undocumented Linux malware toolset including two kernel-level rootkits and three backdoors. BlackBerry’s research has also linked this “decade of Chinese RATs” (remote access trojans – or programs that enable covert surveillance or provide threat actors with the ability to gain unauthorized access to a victim PC) to one of the largest Linux botnets ever discovered, concluding that the campaign – which has impacted a significant number of organizations – has been “highly profitable” and “the duration of the infections is lengthy”. The cross-platform aspect of these attacks is also particularly concerning, given the security challenges that have arisen as a result of the sudden increase in remote workers due to the COVID-19 pandemic.