Linux Backdoor Doesn’t Need Root Privileges

Reports say powerful attack originated from espionage group

Researchers have discovered a new backdoor called Fysbis that is aimed at Linux machines. The new malware has extremely sophisticated properties, and experts suspect it might have come from the APT 28 cyber-espionage group, which reportedly has ties with Russia.

One insidious quality of Fysbis is that it doesn't require root access to start working for the attacker. The malware is apparently able to enter the system with lower privileges and begin reconnaissance, performing tests and sending information back to a remote command and control center with clues about how to escalate privileges. According to a report at TechWorm, Fysbis can “… open a remote shell on the infected machine, run commands on the attacker's behalf, find, read, save, execute, or delete files, and log keyboard input.”

02/17/2016
