this post was submitted on 04 Oct 2024
175 points (87.2% liked)

Technology

58492 readers
3965 users here now

This is a most excellent place for technology news and articles.

Our Rules

  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots

founded 1 year ago
MODERATORS
L3s@lemmy.world
enu@lemm.ee
fry@fry.gs
L3s@fry.gs
enu@lemmy.world
L4s@fry.gs
L4s@lemmy.world
175
Thousands of Linux systems infected by stealthy malware since 2021 (arstechnica.com)
submitted 1 day ago by misk@sopuli.xyz to c/technology@lemmy.world
34 comments fedilink hide all child comments
you are viewing a single comment's thread
view the rest of the comments
[–] li10@feddit.uk 14 points 1 day ago (5 children)

Sounds like it should at least be noticeable if you monitor resource usage?

[–] cron@feddit.org 5 points 1 day ago* (last edited 1 day ago) (1 children)

Yes, but they replace common tools like top or lsof with manipulated versions. This might at least trick less experienced sysadmins.

Edit: Some found out about the vulnerability by ressource alerts. Probably very easy in a virtualized environment. The malware can't fool the hypervisor ;)

[–] li10@feddit.uk 3 points 1 day ago

Not quite the monitoring I’m talking about though.

Basically, it seems like this would be a nightmare for a home user to detect, but a company is probably gonna pick up on this quite quickly with snmp monitoring (unless it somehow does something to that).

load more comments (3 replies)