ESET Research uncovers FontOnLake, a targeted malware attacking Linux – CXOToday.com


ESET researchers have found a previously unknown malware family that utilizes custom and well-designed modules, targeting systems running Linux. Modules utilized by this malware family, which ESET dubbed FontOnLake, are constantly under development and provide remote access to the operators, collect credentials, and function as a proxy server. The location of the C&C server and the countries from which the samples were uploaded to VirusTotal might indicate that its targets include Asian countries.

“The sneaky nature of FontOnLake’s tools in combination with advanced design and low prevalence suggest that they could be used in targeted attacks,” explains Vladislav Hrčka, ESET Malware Researcher who analyzed this threat. To collect data or conduct other malicious activity, this malware family uses modified legitimate binaries that are adjusted to load further components. In fact, to conceal its existence, FontOnLake’s presence is always accompanied by a rootkit. These binaries are commonly used on Linux systems and can additionally function as a persistence mechanism.

ESET researchers assume that FontOnLake’s operators are very cautious, since almost all samples seen by ESET use different, unique C&C servers with varying non-standard ports. The authors use mostly C/C++ and various third-party libraries such as Boost, Poco and Protobuf.

The first known file of this malware family appeared on VirusTotal last May, and other samples were uploaded throughout the year. None of the C&C servers used in samples uploaded to VirusTotal were active at the time of writing, indicating that they could have been disabled due to the upload.

All known components of FontOnLake are detected by ESET products as Linux/FontOnLake. “Companies or individuals who are trying to protect their Linux endpoints or servers from this threat should use a multilayered security product and an updated version of their Linux distribution; a lot of the samples we have analyzed were created specifically for CentOS and Debian,” advises Hrčka.

Following ESET Research’s discovery while finishing the FontOnLake white paper, vendors such as Tencent Security Response Center, Avast and Lacework Labs published their research on what appears to be the same malware. ESET will present its findings on FontOnLake at the AVAR 2021 Virtual conference held at the beginning of December.

For more technical details about FontOnLake, read the blogpost “FontOnLake: Previously unknown malware family targeting Linux” on WeLiveSecurity.

Source of this news: https://www.cxotoday.com/press-release/eset-research-uncovers-fontonlake-a-targeted-malware-attacking-linux/
