TechEconomy
  • Privacy Policy
  • Manage Subscriptions
Tuesday, December 5, 2023
Advertisement
  • News
  • Tech
    • DisruptiveTECH
    • ConsumerTech
      • Accessories
      • Phones
      • Apps
      • Laptop
      • Gadgets and Appliances
    • How To
    • TechTAINMENT
  • Business
    • Telecoms
      • Broadband
    • Mobility
    • Environment
    • Travel
    • Commerce
    • StartUPs
    • TE Insights
    • Security
  • Partners
  • Economy
    • Finance
    • Fintech
    • Digital Assets
    • Personal Finance
    • Insurance
  • Features
    • IndustryINFLUENCERS
    • Guest Writer
    • Appointment
    • EventDIARY
    • Editorial
  • TECHECONOMY TV
No Result
View All Result
Podcast
  • News
  • Tech
    • DisruptiveTECH
    • ConsumerTech
      • Accessories
      • Phones
      • Apps
      • Laptop
      • Gadgets and Appliances
    • How To
    • TechTAINMENT
  • Business
    • Telecoms
      • Broadband
    • Mobility
    • Environment
    • Travel
    • Commerce
    • StartUPs
    • TE Insights
    • Security
  • Partners
  • Economy
    • Finance
    • Fintech
    • Digital Assets
    • Personal Finance
    • Insurance
  • Features
    • IndustryINFLUENCERS
    • Guest Writer
    • Appointment
    • EventDIARY
    • Editorial
  • TECHECONOMY TV
No Result
View All Result
Tech | Business | Economy
No Result
View All Result
Podcast

Home » Kaspersky Reveals Three-year Long Suspected Supply Chain Attack Targeting Linux

Kaspersky Reveals Three-year Long Suspected Supply Chain Attack Targeting Linux

See how to avoid such threats

Admin by Admin
September 19, 2023
in Security
0
Supply Chain Attack Targeting Linux
Supply Chain Attack Targeting Linux

Supply Chain Attack Targeting Linux

Sifax
Advertisements

Kaspersky unveiled a malicious campaign in which an installer of the Free Download Manager software was employed to disseminate a Linux backdoor for a minimum of three years. 

Researchers discovered that victims were infected when they downloaded the software from the official website, indicating that this is a possible supply chain attack.

RelatedPosts

ENIOLA BOLUOGUN writes on APIs

Unleashing Power of Digital Transformation: A Paradigm Shift through API Integration

December 4, 2023

The Hunter, Not the Hunted: Redefining Security in the Age of Cyber-Threats

December 4, 2023

Variants of the malware used in this campaign were first identified in 2013. Victims are based in various countries, including Brazil, China, Saudi Arabia, and Russia.

Kaspersky experts identified a new malicious campaign targeting Linux systems, where threat actors deployed a backdoor – a type of Trojan – onto victims’ devices using infected version of a popular free software: Free Download Manager.

Once the device is infected, the attackers’ goal is to steal information such as details about system, browsing history, saved passwords, cryptocurrency wallet files, and even credentials for cloud services like Amazon Web Services or Google Cloud.

According to Kaspersky’s telemetry, victims of this campaign are located all over the world, including Brazil, China, Saudi Arabia and Russia.

Kaspersky experts believe it is likely that this is a supply chain attack. During the investigation into Free Download Manager installation guides on YouTube for Linux computers, the company’s experts found instances where video creators inadvertently showcased the initial infection process: clicking the download button on the official website resulted in a malicious version of Free Download Manager being downloaded. In contrast, in another video, a legitimate version of the software was downloaded.

It is possible that the malware developers scripted the malicious redirection to appear with some degree of probability or based on digital fingerprint of the potential victim. As a result, some users encountered a malicious package, while others obtained a clean one.

According to Kaspersky’s findings, the campaign lasted for at least three years – from 2020 to 2022. The malicious package installed the Free Download Manager version released in 2020.

Moreover, over the course of this timeframe, there were discussions on websites such as StackOverflow and Reddit about problems caused by the infected software distribution. However, the users were unaware that these issues were caused by malicious activity.

A Reddit user wondered if they can install Free Download Manager without running a script that turned out to contain malware
A Reddit user wondered if they can install Free Download Manager without running a script that turned out to contain malware

“Variants of the analysed backdoor have been detectable by Kaspersky solutions for Linux since 2013. However, there is a widespread misconception that Linux is immune to malware, leaving many of these systems without adequate cybersecurity protection. This lack of protection makes these systems attractive targets for cybercriminals. Essentially, the Free Download Manager case highlights the challenge of spotting an ongoing cyberattack on a Linux system with the naked eye. Therefore, it’s essential for Linux-based computers, including both desktops and servers, to implement reliable and effective security measures”, says Georgy Kucherin, a security expert at GReAT, Kaspersky.

To avoid Linux-based and other types of threats, it is worth implementing the following security measures:

  • Choose a proven endpoint security solution such as Kaspersky Endpoint Security for Business that is equipped with behaviour-based detection and anomaly control capabilities for effective protection against known and unknown threats.
  • Use Kaspersky Embedded Systems Security This adaptable, multi-layered solution provides optimised security for embedded Linux-based systems, devices and scenarios, in compliance with the rigorous regulatory standards so often applicable to these systems.
  • Since the stolen credentials may be put up for sale on the dark web, use Kaspersky Digital Footprint Intelligence to monitor shadow resources and promptly identify related threats.

Share this:

  • X
  • More
  • Email
  • WhatsApp
Tags: BrazilChinaGeorgy KucherinGReATKasperskyLinux computersSaudi ArabiaStackOverflowsupply chain attackYouTube
Previous Post

Stabilize the Naira, US Treasury’s Adeyemo tells Tinubu

Next Post

Nigeria in Revenue Crisis, New FIRS Boss Laments

Admin

Admin

TechEconomy is a Distinct News Media That Focuses on BUSINESSES, PEOPLE, PLATFORMS, INSTITUTIONS

Related Posts

ENIOLA BOLUOGUN writes on APIs
Security

Unleashing Power of Digital Transformation: A Paradigm Shift through API Integration

by Techeconomy
December 4, 2023
0

By incorporating APIs into the digital transformation strategy, businesses can unlock a myriad of possibilities to elevate user interactions.

Read more
cyber threats

The Hunter, Not the Hunted: Redefining Security in the Age of Cyber-Threats

December 4, 2023
CISO and CISOs

The Evolving Role of the CISO: Bridging the Gap Between Cybersecurity and Business Goals

December 4, 2023
Ethnos unveils Aquila in lagos

Ethnos Unveils Aquila, an AI Powered Mobile Security Application, at Zenith Bank Tech Fair 2023

December 2, 2023
Dark Side of AI - Sophos Anticipates AI-Based

Sophos Anticipates AI-Based Attack Techniques and Prepares Detections

December 1, 2023
BCX Cyber Security Threat Defence Centre

BCX Introduces Advanced Cyber Security Threat Defence Centre

November 30, 2023
Next Post
Nigeria in revenue crisis - Naira

Nigeria in Revenue Crisis, New FIRS Boss Laments

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

I agree to the Terms & Conditions and Privacy Policy.

This site uses Akismet to reduce spam. Learn how your comment data is processed.

TECHECONOMY PODCAST

Techeconomy Podcast
Techeconomy Podcast

Techeconomy Podcast is brought to you by TechEconomy. Every week we will bring new stories from startups and influencers who are shaping and changing the world we live in. We’ll also bring you reports on topics you should know.

Follow us @techeconomyng for more.

Listen OnSpotify
The Role of Ed-tech in Life Long Learning and Continuous Education
byTecheconomy

In this episode, we embark on a profound exploration of Ed-tech's integral role in lifelong learning and continuous education.

Our esteemed guest, Oluwatobi Adekunle, Co-founder of Growthskool, brings a wealth of insight to the discussion. As a visionary in the Ed-tech realm, he shares experiences, challenges, and triumphs from the forefront of Growthskool's transformative journey.

Join us in unraveling the ways in which Ed-tech is reshaping traditional education paradigms and fostering a culture of continuous learning. Oluwatobi's perspective offers a unique lens into the transformative power of technology in the realm of education.

At Techeconomy, our commitment lies in delivering nuanced coverage at the crossroads of Technology, Business, and the Economy. Our content is designed to empower decision-making and explore the transformative potential of innovative technologies.

—

Send in a voice message: https://podcasters.spotify.com/pod/show/techeconomy/message

The Role of Ed-tech in Life Long Learning and Continuous Education
The Role of Ed-tech in Life Long Learning and Continuous Education
October 19, 2023
Techeconomy
Filmmaking and Technology: A chat with Micheal Chineme Ike
June 7, 2023
Techeconomy
Search Results placeholder

NEWSLETTER

Subscribe

* indicates required
Techeconomy

Follow Us

MarkTECH

Gamification and Customer experience
MarkTECH

Gamifying Customer Engagement for Success 

by Techeconomy
November 13, 2023
0

Writer: ADEOLA ADEJOKUN Let's talk about the addictive nature of video games for a second. What keeps players glued to...

Read more

WomenPreneurs

Rukayat Alabi - RKY Group of Companies
WomenPreneurs

Rukayat Alabi: Empowering Lives and Businesses Through Tech

by Joan Aimuengheuwa
October 29, 2023
0

Rukayat Alabi, the CEO of RKY Group of Companies, a visionary entrepreneur who is revolutionizing the way people transition into...

Read more

BusinesSENSE For SMEs

Managing Difficult Customer
BusinesSENSE For SMEs

Five Keys to Managing Difficult Customers

by Techeconomy
August 23, 2023
0

You will at one point in your business be confronted with dealing with difficult customers. So, mastering the right strategies...

Read more
  • About Us
  • Contact Us
  • Policy
  • Careers

© 2023 Techeconomy - Designed by Opimedia.

No Result
View All Result
  • News
  • Tech
    • DisruptiveTECH
    • ConsumerTech
      • Accessories
      • Phones
      • Apps
      • Laptop
      • Gadgets and Appliances
    • How To
    • TechTAINMENT
  • Business
    • Telecoms
      • Broadband
    • Mobility
    • Environment
    • Travel
    • Commerce
    • StartUPs
    • TE Insights
    • Security
  • Partners
  • Economy
    • Finance
    • Fintech
    • Digital Assets
    • Personal Finance
    • Insurance
  • Features
    • IndustryINFLUENCERS
    • Guest Writer
    • Appointment
    • EventDIARY
    • Editorial
  • TECHECONOMY TV

© 2023 Techeconomy - Designed by Opimedia.

This website uses cookies. By continuing to use this website you are giving consent to cookies being used. Visit our Privacy and Cookie Policy.