
Researchers found a strain of malware for Linux servers and IoT devices

Researchers at AT&T Alien Labs have identified a new stealthy malware strain called Shikitega, which can infect both servers and Linux-based Internet of Things devices. It uses a multi-step infection chain that delivers a payload of several hundred bytes per step, together with the Shikata Ga Nai encoder.


The Shikata Ga Nai encoder provides polymorphism, protecting the code from static signature-based analysis. Shikitega changes its code every time it goes through one of several decoding cycles. Mettle, a lightweight version of Meterpreter, is used as a backdoor, and the malware goes on to exploit CVE-2021-4034 and CVE-2021-3493. The malware's executable file is 376 bytes in size.
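Because the encoded bytes differ between samples, structural triage is more useful here than byte signatures. The following is an added example, not code from AT&T Alien Labs or the original article: it parses ELF headers and flags very small executables whose loadable segment is both writable and executable. It assumes that code which decodes itself in place needs such a segment; the 1024-byte threshold and the `triage_elf` and `build_sample` names are illustrative choices.

```python
import struct

PT_LOAD, PF_X, PF_W = 1, 0x1, 0x2
SMALL_ELF_BYTES = 1024  # assumed triage threshold; the article cites a 376-byte file

def triage_elf(data: bytes) -> list[str]:
    """Return triage findings for a raw ELF image; an empty list means nothing flagged."""
    if len(data) < 20 or data[:4] != b"\x7fELF":
        return ["not-elf"]
    is64 = data[4] == 2                    # EI_CLASS: 1 = 32-bit, 2 = 64-bit
    end = "<" if data[5] == 1 else ">"     # EI_DATA: 1 = little-endian, 2 = big-endian
    ehdr_fmt = end + ("16sHHIQQQIHHHHHH" if is64 else "16sHHIIIIIHHHHHH")
    phdr_fmt = end + ("IIQQQQQQ" if is64 else "IIIIIIII")
    if len(data) < struct.calcsize(ehdr_fmt):
        return ["truncated-header"]
    eh = struct.unpack_from(ehdr_fmt, data)
    phoff, phentsize, phnum = eh[5], eh[9], eh[10]
    findings = []
    if len(data) <= SMALL_ELF_BYTES:
        findings.append("tiny-executable")
    for i in range(phnum):
        off = phoff + i * phentsize
        if off + struct.calcsize(phdr_fmt) > len(data):
            findings.append("truncated-phdr")
            break
        ph = struct.unpack_from(phdr_fmt, data, off)
        flags = ph[1] if is64 else ph[6]   # p_flags sits at a different index in ELF32
        if ph[0] == PT_LOAD and flags & PF_W and flags & PF_X:
            if "writable-executable-segment" not in findings:
                findings.append("writable-executable-segment")
    return findings

def build_sample(flags: int, pad: int = 0) -> bytes:
    """Constructed 64-bit ELF skeleton (headers only, no code) used as sample input."""
    ident = b"\x7fELF" + bytes([2, 1, 1]) + bytes(9)
    ehdr = struct.pack("<16sHHIQQQIHHHHHH", ident, 2, 62, 1,
                       0x400078, 64, 0, 0, 64, 56, 1, 0, 0, 0)
    phdr = struct.pack("<IIQQQQQQ", PT_LOAD, flags, 0,
                       0x400000, 0x400000, 120, 120, 0x1000)
    return ehdr + phdr + bytes(pad)

if __name__ == "__main__":
    print(triage_elf(build_sample(PF_X | PF_W | 4)))   # small, RWX segment
    print(triage_elf(build_sample(PF_X | 4, 4096)))    # larger, R+X only
```

Both findings together are a reason to look closer, not a verdict: legitimate hand-optimized binaries and some packers produce the same header shape.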

The goal of Shikitega is to install a cryptominer, but the malicious code can also be used to deliver a payload. The program drops XMRig software to mine Monero cryptocurrency. The Mettle package allows webcam control, steals credentials and runs on a large number of devices.


AT&T did not say how the initial infection occurs, but noted that Shikitega exploits two Linux vulnerabilities discovered in 2021.

The malware also uses cloud hosting solutions to store some of its payload, communicating over an IP address instead of a domain name.

In March 2021, GRIMM cybersecurity specialist Adam Nichols described the critical CVE-2021-27365 (heap buffer overflow, local privilege escalation) vulnerability in the Linux kernel iSCSI subsystem. The bug has been in the code since 2006. All Linux distributions were affected.
