A hidden malware operation has infiltrated the Linux community for a solid three years without raising alarms, says Kaspersky, a Russian cybersecurity firm. Despite Linux being hailed as a secure alternative to mainstream operating systems like Windows and macOS, it appears even the cybersecurity experts missed this one.
This quiet attack particularly exploited a so-called free download manager designed for Debian users. What’s unusual? This software was laced with malicious code way back since January 2020. It contained a hidden post-installation script that set off the malware, complete with comments in both Russian and Ukrainian.
Kaspersky’s investigation further revealed that once installed, the software acted as a Bash stealer, collecting sensitive data from the system. This includes saved passwords, browsing history, and even credentials for high-profile cloud services like AWS and Google Cloud.
Interestingly, the malware wasn’t distributed through the official website of the download manager but had been subtly posted on forums like Reddit and StackOverflow over two years. This crafty move allowed the malware to stay under the radar, essentially weaponizing the community’s trust.
The real kicker is the reason behind targeting Linux systems: they’re simply overlooked. According to Kaspersky, the actors exploited the fact that Linux machines don’t get as much scrutiny as their Windows and macOS counterparts.
While the genuine makers of the Free Download Manager remain tight-lipped, this incident should serve as a wake-up call. Being security savvy isn’t just for Windows or Mac users. The first step in safeguarding your system is sticking to verified download sources. Had users double-checked where they were downloading from, they would have dodged this malware bullet.
In an age where Linux is gaining popularity, it’s time the community revisits its assumptions about its in-built security. If even the experts missed this, what else is lurking in the corners of the Linux world?
RELATED:
- Samsung’s Linux on Galaxy Arriving Soon for Seamless Linux OS Access Through DeX
- ZTE executive elected as chairman of Linux Foundation AI and Data Foundation governing board
- Download the Best GCam APK for Vivo V27 Pro
(Via)
