this post was submitted on 29 Oct 2023
254 points (93.5% liked)

Technology

59188 readers
2246 users here now

This is a most excellent place for technology news and articles.


Our Rules


  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots


founded 1 year ago
MODERATORS
 

Antivirus provider Kaspersky uncovers a sophisticated piece of 'StripedFly' malware camouflaged as a cryptocurrency miner that's been targeting PCs for more than five years.

you are viewing a single comment's thread
view the rest of the comments
[–] sir_reginald@lemmy.world 86 points 1 year ago* (last edited 1 year ago) (13 children)

this makes use of an old windows specific vulnerability. Linux is only mentioned on the title, not again in the whole article. clickbait.

edit: downvote me if you want, but the original article didn't say a thing about Linux.

[–] Salamendacious@lemmy.world 33 points 1 year ago (6 children)

https://www.bleepingcomputer.com/news/security/stripedfly-malware-framework-infects-1-million-windows-linux-hosts/

On Linux, the malware assumes the name 'sd-pam'. It achieves persistence using systemd services, an autostarting .desktop file, or by modifying various profile and startup files, such as /etc/rc*, profile, bashrc, or inittab files.

[–] Buffalox@lemmy.world 44 points 1 year ago (5 children)

That's from a completely different article.

And it doesn't say how this is achieved without already having root privilegies. I'm not sure I believe this can in fact infect a Linux system, except if it's already heavily compromised, for instance by a user logging in as root as default.

[–] LDerJim@lemmy.world 1 points 1 year ago (1 children)

Maybe if root is shared via SMB1 and is rw

[–] Buffalox@lemmy.world 5 points 1 year ago* (last edited 1 year ago) (1 children)

Not possible AFAIK, I don't use anything Microsoft, but AFAIK SMB1 shares on Linux are through Samba, and you can't just enable write permissions without root. So as I stated before, the Linux system needs to be already compromised.

[–] LDerJim@lemmy.world 1 points 1 year ago

Users can configure the system however they want.

load more comments (3 replies)
load more comments (3 replies)
load more comments (9 replies)