Researchers at Slovak security firm Eset said a newly discovered backdoor allows hackers to remotely execute arbitrary commands on some high-performance computer networks.
The Kobalos backdoor operates on Linux, FreeBSD, and Solaris, and code artifacts imply it may have previously run on AIX and the Windows 3.11 and Windows 95 platforms.
Once installed, Kobalos infiltrates the file system of the target network and facilitates access to a remote terminal that allows intruders to run commands; infected systems also can become proxies connecting to other compromised servers, which can be linked to compromise a final target.
Kobalos was released no later than 2019, and the group behind it was active throughout 2020.
Eset researchers wrote that the backdoor's features and network evasion methods indicate those behind Kobalos “are much more knowledgeable than the typical malware author targeting Linux and other non-Windows systems.”
From Ars Technica
Abstracts Copyright © 2021 SmithBucklin, Washington, DC, USA