TrickBot malware is no longer Windows-exclusive: TrickBot is being ported to Linux. The developers of TrickBot have re-equipped their malware with new functionality, and Linux devices could now be affected through its DNS command-and-control tool, Anchor_DNS.
TrickBot, initially a banking Trojan, has advanced to serve more malicious purposes. Spreading laterally through a network, stealing credentials saved in browsers, stealing cookies, checking a device's screen resolution, and infecting Windows as well as Linux devices top its list of malicious behaviors. According to new research findings, the operating system could see a consequential rise in cyber attacks. Researchers at Kaspersky have uncovered a rise in the number of cyber criminals attacking Linux.
Linux was once safer and more secure than any other operating system. The company is also witnessing a rise in threats crafted exclusively to damage Linux systems. Once criminals steal data, they use it to deploy ransomware such as Ryuk and Conti, which encrypts devices on the network as the final stage of the attack. As criminals go for huge and bold gains, Kaspersky puts forward ideas for maintaining security.
A Word on Anchor_DNS
Until now, Anchor has been Windows malware. Stage 2 Security researcher Waylon Grange found a new sample showing that Anchor_DNS is being ported. Anchor_DNS has been ported to a new OS as a backdoor version called 'Anchor_Linux'. It is also able to drop and run malware on Linux devices. The malware also embeds Windows TrickBot, which can infect Windows devices on the same network.
After being replicated to a Windows device, Anchor_Linux sets itself up as a Windows service. Once configured, the malware starts on the Windows host and connects back to the attacker's C&C server, where execution takes place. The fact is that many routers, VPN devices, and NAS devices run on Linux, so the threat to Linux is a real one.
Securing Linux and Linux devices
Kaspersky Lab is a multinational cybersecurity and anti-virus provider from Russia. Kaspersky has found that Linux systems are at potential risk from advanced persistent threats (APTs) and from cyber attackers creating Linux-focused tools. The popular myth that Linux, being a less popular operating system, can't be targeted is proving wrong. In environments that use multiple operating systems, access to an infected device gives an attacker a way into Windows or macOS.
To steer clear of these threats, Kaspersky suggests keeping a list of trusted, secure software sources, avoiding unencrypted update channels, and not running binaries or scripts from untrusted sources. Aiming to secure systems and data, IT teams and organizations are relying more on the OS without knowing the real repercussions.
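One way to check the first two of those suggestions on a Debian or Ubuntu system is sketched below; this is an added example, not something taken from Kaspersky or from the research described above. It assumes one-line APT source entries (the sources.list format, not deb822 .sources files), and the function name and sample hosts are constructed for illustration.

```shell
#!/bin/sh
# Added example: flag APT source entries that weaken update-channel trust.
# Input on stdin: one-line entries, "deb [options] URI suite components".

# Constructed sample entries (hypothetical hosts), used so this runs offline.
SAMPLE_SOURCES='# constructed sample entries
deb https://deb.example.org/stable stable main
deb http://mirror.example.net/debian stable main
deb [arch=amd64 trusted=yes] https://pkgs.example.com/apt stable main
deb-src [allow-insecure=yes] ftp://old.example.net/debian stable main'

audit_apt_sources() {
    awk '
        # Comments, blank lines and anything else that is not a source entry
        # do not start with the word deb or deb-src, so they are skipped here.
        $1 != "deb" && $1 != "deb-src" { next }
        {
            opts = ""; uri = $2
            if ($2 ~ /^\[/) {
                # Optional [key=value ...] block; it may span several fields.
                i = 2; opts = $i
                while (opts !~ /\]$/ && i < NF) { i++; opts = opts " " $i }
                uri = $(i + 1)
            }
            # Plain http or ftp transport: the update channel is unencrypted.
            if (uri ~ /^(http|ftp):\/\//)
                print "UNENCRYPTED " uri
            # These options tell APT to accept the repository without
            # a valid signature check.
            if (opts ~ /(trusted|allow-insecure)=yes/)
                print "UNVERIFIED " uri
        }
    '
}

# Demonstration on the constructed sample.
printf '%s\n' "$SAMPLE_SOURCES" | audit_apt_sources
```

On a real host, feed it the contents of /etc/apt/sources.list and the .list files under /etc/apt/sources.list.d/ instead of the sample.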