|
jeffv via plug on 22 Jul 2022 06:59:16 -0700
|
[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]
|
[PLUG] Lightning Framework malware
|
- From: jeffv via plug <plug@lists.phillylinux.org>
- To: Philadelphia Linux User's Group Discussion List <plug@lists.phillylinux.org>
- Subject: [PLUG] Lightning Framework malware
- Date: Fri, 22 Jul 2022 09:59:09 -0400
- Authentication-results: smtp04.aqua.bos.sync.lan smtp.user=jeffv@op.net; auth=pass (LOGIN)
- Dkim-signature: v=1; a=rsa-sha1; d=op.net; s=20180222; c=relaxed/simple; q=dns/txt; i=@op.net; t=1658498350; h=From:Subject:Date:To:MIME-Version:Content-Type; bh=XFVEY0OMtGNRF8TrNdlpw2dWFpE=; b=uIa7K+nwRx7o/6MRg57sXprjyn3KPPbx/8ZrMrT2wq7yRpDfqt+ivgUanGdV2KEv VAOkTl+jgg5uIAJ/NgXHk+0cbwXN//Az1ailRYDNQaEjbsxgxzwz6JQ6Nlg7mzzi C64XExFVukw+6LFKwxKWHQWEvPtAnVJdnJ9o5tMXddbC1dwNUvu4bEJFYnopkXNF zEOkF7ZMa6WPuV1lLtserHa0JxwnxhvOBv7N+uXokwZeCqzBPI+HjwHBEqdaSFjS 3M2iYZXEwfWbiNSbV9wKhSUNKWD/Ox2JrbVtbIe67MbW1RwAtNVgLAuCEyCd24So upJOjvSzi9A10nmLL9AJeA==;
- Reply-to: jeffv <jeffv@op.net>
- Sender: "plug" <plug-bounces@lists.phillylinux.org>
- User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:91.0) Gecko/20100101 Thunderbird/91.11.0
New ‘Lightning Framework’ Linux malware installs rootkits, backdoors
https://www.bleepingcomputer.com/news/security/new-lightning-framework-linux-malware-installs-rootkits-backdoors/";
The framework has both passive and active capabilities for communication
with the threat actor, including opening up SSH on an infected machine,
and a polymorphic malleable command and control configuration,"
This malware is yet to be spotted in the wild
___________________________________________________________________________
Philadelphia Linux Users Group -- http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion -- http://lists.phillylinux.org/mailman/listinfo/plug