Some of the samples show that Debian and CentOS are among the targeted distributions.ĮSET says FontOnLake may be the same malware that was previously analyzed by researchers at the s Tencent Security Response Center, Avast, and Lacework Labs. Analysis seems to indicate that the virus is present in Southeast Asia. Its creators are also careful: different C&C servers are used in each of the samples on VirusTotal and have since been deactivated.
Researchers suspect that FontOnLake is being used for targeted attacks. An operator can read or write data to this file and extract it from the backdoor component. The communication between trojanized apps and rootkit is done through a virtual file created by the latter. The rootkits in turn are used to allow malware to hide its existence and activities on the system of the victim. Once the malware is on the system, it uses the installed backdoors to retrieve credentials and Bash history, and then sends them to its command and control (C&C) server. The initial way in which these trojanized applications get to their victims is not known,” said Vladislav Hrčka, malware analyst and reverse engineer at ESET. “All the trojanized files are standard Linux utilities and each serves as a persistence method because they are commonly executed on system start-up. Researchers have discovered three custom backdoors written in C ++, which are related to FontOnLake malware and provide operators with remote access to the infected system.
#Eset cybersecurity pro for mac review install
They are also used to install custom backdoors and rootkits. These commands include cat, kill, sftp, and sshd, and often launch at system startup and allow the malware to be persistent. Its installation is done through modified and trojanized versions of popular Linux commands, normally present in the coreutils package or installed by default on some systems. New Adload malware bypasses Apple’s XProtect to infect macOS devices.Hackers develop Linux port of Cobalt Strike for new attacks.ESET Cyber Security, Hotspot Shield for Mac, and amazing Dashlane for Mac.
#Eset cybersecurity pro for mac review mac os
0 kommentar(er)
