
A previously unknown malware family dubbed FontOnLake is targeting systems running Linux, ESET researchers found.
FontOnLake uses “custom and well-designed modules,” malware analyst Vladislav Hrčka wrote in an article on the finding. Modules used by the malware family “are constantly under development and provide remote access to the operators, collect credentials, and serve as a proxy server,” he wrote.
The first known FontOnLake file appeared on VirusTotal in May 2020 and other samples were uploaded throughout the year. Both the location of its command-and-control server and the countries from which samples were uploaded to VirusTotal may indicate that the attackers’ targets include Southeast Asia.
“We believe that FontOnLake’s operators are particularly cautious since almost all samples seen use unique [C2] servers with varying non-standard ports,” Hrčka wrote.
The malware family’s known components include Trojanized applications, backdoors, and rootkits, which connect to each other. Researchers found multiple Trojanized applications, mostly used to load custom backdoor or rootkit modules. The three backdoors discovered are written in C++; what they have in common is that each exfiltrates collected credentials and its bash command history to the C2 server. Researchers found two “marginally different” versions of the rootkit, used one at a time, in each of the three backdoors.
Read ESET’s full blog post for more details.
Source of this news: https://www.darkreading.com/threat-intelligence/-fontonlake-malware-family-targets-linux-systems