The FBI and NSA have issued a joint report warning of the Drovorub malware, a full-featured toolkit that has gone undetected until recently.
Ars Technica reports that the Drovorub toolset “includes four main components: a client that infects Linux devices; a kernel module that uses rootkit tactics to gain persistence and hide its presence from operating systems and security defenses; a server that runs on attacker-operated infrastructure to control infected machines and receive stolen data; and an agent that uses compromised servers or attacker-control machines to act as an intermediary between infected machines and servers.”
Read more at Ars Technica.