/freedomzine/ -FBI and NSA expose new Linux malware Drovorub

Name
Email
Subject	REC STOP
Comment *
File	Select/drop/paste files here
Password	(Randomized for file and post deletion; you may also set your own.)
Archive	Archive [500 char limit]
* = required field	[▶Show post options & limits] Confused? See the FAQ.

Flag	open flag menu
Embed	(replaces files and can be used instead)
Oekaki	Show oekaki applet (replaces files and can be used instead)
Options	Do not bump (you can also write sage in the email field)
Allowed file types:jpg, jpeg, gif, png, webp,webm, mp4, mov, swf, pdf Max filesize is16 MB. Max image dimensions are15000 x15000. You may upload5 per post.

File: f7cf93df3165ea5⋯.jpg (79.4 KB,960x540,16:9,microsoft_russian_state_ha….jpg)

FBI and NSA expose new Linux malware Drovorub Boundless 08/15/20 (Sat) 15:09:00 No.8222

FBI and NSA expose new Linux malware Drovorub, used by Russian state hackers

>The FBI and NSA have published today a joint security alert containing details about a new strain of Linux malware that the two agencies say was developed and deployed in real-world attacks by Russia's military hackers.

>The two agencies say Russian hackers used the malware, named Drovorub, was to plant backdoors inside hacked networks.

>Based on the evidence the two agencies have collected, FBI and NSA officials claim the malware is the work of APT28 (Fancy Bear, Sednit), a codename given to the hackers operating out of military unity 26165 of the Russian General Staff Main Intelligence Directorate (GRU) 85th Main SpecialService Center (GTsSS).

>Through their joint alert, the two agencies hope to raise awareness in the US private and public sectors so IT administrators can quickly deploy detection rules and prevention measures.

Drovorub: APT28's swiss-army knife for hacking Linux

>Per the two agencies, Drovorub is a multi-component system that comes with an implant, a kernel module rootkit, a file transfer tool, a port-forwarding module, and a command-and-control (C2) server.

>"Drovorub is a 'swiss-army knife' of capabilities that allows the attacker to perform many different functions, such as stealing files and remote controlling the victim's computer," McAfee CTO, Steve Grobman, told ZDNet in an email today.

>"In addition to Drovorub's multiple capabilities, it is designed for stealth by utilizing advanced 'rootkit' technologies that make detection difficult," the McAfee exec added. "The element of stealth allows the operatives to implant the malware in many different types of targets, enabling an attack at any time."

https://www.zdnet.com/article/fbi-and-nsa-expose-new-linux-malware-drovorub-used-by-russian-state-hackers/

https://lobste.rs/s/fd2c3f/nsa_discloses_new_russian_made_drovorub

Weirdly, in just the last few minutes, at least 3 sites have 404'd articles about this; including bleepingcomputer.com

Somebody does not want this info out.

____________________________

Disclaimer: this post and the subject matter and contents thereof - text, media, or otherwise - do not necessarily reflect the views of the 8kun administration.

Malware is Boundless 08/15/20 (Sat) 15:26:49 No.8228

File: 479d42b197787b1⋯.pdf (2.01 MB,CSA_DROVORUB_RUSSIAN_GRU_M….PDF)

Mitigation?

Besides upgrading your kernel…

Here's a PDF…

National Security Agency Federal Bureau of Investigation Cybersecurity AdvisoryRussian GRU 85th GTsSS Deploys Previously Undisclosed Drovorub Malware

https://media.defense.gov/2020/Aug/13/2002476465/-1/-1/0/CSA_DROVORUB_RUSSIAN_GRU_MALWARE_AUG_2020.PDF

Disclaimer: this post and the subject matter and contents thereof - text, media, or otherwise - do not necessarily reflect the views of the 8kun administration.

Boundless SAGE! 08/15/20 (Sat) 16:53:18 No.8271

>>8222

Russian hackers used the malware, named Drovorub, WAS to plant backdoors

smooth work

Disclaimer: this post and the subject matter and contents thereof - text, media, or otherwise - do not necessarily reflect the views of the 8kun administration.

Boundless SAGE! 08/15/20 (Sat) 16:54:59 No.8272

>>8222

capabilities that ALLOWS the attacker to perform many different functions

brilliant

Disclaimer: this post and the subject matter and contents thereof - text, media, or otherwise - do not necessarily reflect the views of the 8kun administration.

Boundless SAGE! 08/15/20 (Sat) 16:57:36 No.8273

>>8222

>>8228

apparently, YOU are the only person who cares

Disclaimer: this post and the subject matter and contents thereof - text, media, or otherwise - do not necessarily reflect the views of the 8kun administration.

Boundless SAGE! 08/15/20 (Sat) 16:59:42 No.8274

so what?

nobody cares

big deal

Disclaimer: this post and the subject matter and contents thereof - text, media, or otherwise - do not necessarily reflect the views of the 8kun administration.

If One Is Not Open to LEARN From the Sage Boundless, One Will Never BE the Boundless SAGE! 08/15/20 (Sat) 18:46:46 No.8278

File: 0a543afbc2bfaf9⋯.jpg (201.59 KB,1363x924,1363:924,end_begins.jpg)

File: 3c5577c0bc2297d⋯.png (88.23 KB,300x240,5:4,PicsArt_06_08_02_22_05.png)

File: 371dce6da140661⋯.png (4 MB,1500x2500,3:5,PicsArt_05_14_09_50_39.png)

File: 881f31de168bcf7⋯.jpg (778.77 KB,1890x2773,1890:2773,PicsArt_06_06_02_31_38.jpg)

File: 82d099c2068bead⋯.jpg (150.84 KB,892x1270,446:635,PicsArt_06_06_02_18_52.jpg)

>>8271

>>8272

>>8274

>nobody cares

<he still thinks that has ever, or will ever stop me

Even the Sage Derby Cheese goes well with Whine…

>sage because it is so tasty with all your salt and whine…

Besides,Nobody has ever cared about Apathy!

Disclaimer: this post and the subject matter and contents thereof - text, media, or otherwise - do not necessarily reflect the views of the 8kun administration.

The outlook for GNU / Linux is Boundless 08/15/20 (Sat) 20:48:45 No.8287

File: 126bbc1f53eb1ff⋯.png (21.86 KB,464x160,29:10,linux_culture.png)

>>8222

Op's trips confirm that many people care about Linux.

Disclaimer: this post and the subject matter and contents thereof - text, media, or otherwise - do not necessarily reflect the views of the 8kun administration.

Boundless 08/15/20 (Sat) 21:16:14 No.8299

File: e2155f9dfe89e64⋯.mp4 (8.2 MB,640x352,20:11,Show_Me_Your_Papers_2020_0….mp4)

Disclaimer: this post and the subject matter and contents thereof - text, media, or otherwise - do not necessarily reflect the views of the 8kun administration.