jeffv via plug on 23 May 2022 07:43:01 -0700



[PLUG] botnet, backdoor



Malicious PyPI package opens backdoors on Windows, Linux, and Macs

https://www.bleepingcomputer.com/news/security/malicious-pypi-package-opens-backdoors-on-windows-linux-and-macs/


For Linux systems, the Python script connects to a remote URL at 39.107.154.72 and pipes the output to the bash shell. Unfortunately, that host is down at the time of this writing, so it is unclear what commands are executed, but it is believed to open a reverse shell.



Microsoft sounds the alarm on – wait for it – a Linux botnet

https://www.theregister.com/2022/05/23/microsoft_linux_botnet/

The trojan, first discovered in 2014 by security research group MalwareMustDie, was named after its use of XOR-based encryption and the fact that it amasses botnets to carry out distributed denial-of-service attacks. Over the last six months, Microsoft threat researchers say they've witnessed a 254 percent spike in the malware's activity.
___________________________________________________________________________
Philadelphia Linux Users Group         --        http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug