Drovorub: Russian “can opener” reveals the solutions based on LinuxОльга Blinkova | 14.08.2020
FBI ANS state that the United States has the malware “Drovorub” (the word reminds both nouns “logger” and “lumberjack”), which allegedly exploited by the Russian hackers
working for the government of the Russian Federation. The malware is designed to create backdoors in decisions under Linux.
Edition ZDNet notes that according to the FBI, and ANS, a new malware — division product APT28 (Fancy Bear, Sednit), Russian military hacker groups working within the Department 26165 GRU
Russia. We emphasize again that this is only speculation of foreign intelligence services.
The FBI and ANS call experts in the field of information security, working in different organizations for vigilance and the implementation of precautions.
In its statements Drovorub called “opener” that can open solutions based on Linux.
Drovorub is a multicomponent system, which includes digital implant a rootkit kernel module, a file transfer tool, module, port forwarding and server management and control (C2).
It can be used to steal files and take control of other computers. This multipurpose tool can be used for industrial espionage and intervention in the elections.
The FBI and ANS suggest American organizations to update Linux to version 3.7 and above.
cyber security, cyber espionage
Journal: Journal IT-News, Subscription to magazines
