New Linux Trojan Found, Part of Turla
Follow Us:
Follow us on Twitter
Subscribe to our RSS
New Linux Trojan Found, Part of Turla
by Susan Linton - Dec. 08, 2014Comments (0)
Related Blog PostsHel-lo Makulu and Goodbye ZevenPear Returning, In the Movies, and More HighlightsHappy Birthday Linus, Looking Back, and Korora TidbitsROSA Fresh R5, Year in Ubuntu, and Fedora to the RescueLinux Best & Worst, Live Patchin', and Devuan Good
The top story today is the discovery of a new Linux trojan that experts say could have been in place for years. Kaspersky Lab is saying this newly discovered Linux malware is part of the Turla campaign indicating that the culprits aren't limiting themselves to Windows. And that's not all that's unusual about this code. Security experts Kurt Baumgartner and Costin Raiu today posted that a "previously unknown piece" of the Turla puzzle was discovered that is quite unusual. It's "the first Turla sample targeting the Linux operating system" found. Baugartner and Raiu said: The Linux Turla module is a C/C++ executable statically linked against multiple libraries, greatly increasing its file size. It was stripped of symbol information, more likely intended to increase analysis effort than to decrease file size. Its functionality includes hidden network communications, arbitrary remote command execution, and remote management. Much of its code is based on public sources. The experts write that the code, which doesn't require root privileges, stays hidden until it receives a "magic number." Then it jumps into action opening a socket and backdoor to listen for commands. "Perhaps the most interesting part here is the unusual command and control mechanism based on TCP/UDP packets." While this code is now known, there have been no reports of it in the wild as of yet. Baugartner and Raiu added an update this evening saying they've discovered a second Linux module "representing a different malware generation than the previously known samples."
Previous: Leverage Strong Deve...Next: Google Launches Andr... Browse Blog
al lamb uses OStatic to support Open Source, ask and answer questions and stay informed. What about you?
Share Your Comments
If you are a member, Sign in to have your comment attributed to you. If you are not yet a member, Join OStatic and help the Open Source community by sharing your thoughts, answering user questions and providing reviews and alternatives for projects.
Your Name
Email Address (kept hidden)
Your Comment *
Promote Open Source Knowledge by sharing your thoughts, listing Alternatives and Answering Questions!
Featured MembersViewStacey SchneiderFreelance internet marketer helping companies buil...
Viewal lambI have been involved in the programming field sinc...
Related Questions
Get answers and share your expertise.
Have a question? Ask the community
Seriously, OSTatic! This is plain annoying!
By McKinsey - Oct 17, 2012
post answer
Installing Linux from Live CD
By Dineshrawar - Apr 09, 2012
3 answers
Scheduling backups to the cloud server
By Alvin Pieterson - Sep 16, 2011
post answer
Partner Center
Happening Now on OStatic
Sandy commented on Five Great Open Source Shopping Cart Systems for eCommerce
Dietrich commented on Linux Best & Worst, Live Patchin', and Devuan Good
Eli Cummings commented on In the Market for a Holiday Chromebook? Here's What to Know
About OStatic
Terms of Service
Privacy Policy
Send Feedback
Powered by Vox Holdings
© 2014 OStatic. Built on fine Open Source Software from projects like
MySQL and
Sign in to OStatic
Username: *
Password: *
Not a member? Join NowI forgot my password