To protect your Linux systems from Perfctl, regularly update your operating system and software with the latest security patches, conduct vulnerability assessments, implement robust network security measures like firewalls and intrusion detection systems, monitor system activity for unusual behaviour, and use security tools like endpoint protection solutions.

New Linux malware ‘Perfctl’ is targeting millions worldwide, mimicking system files to evade detection. The malware has been lurking for some time, but it recently attacked a Nautilus honeypot, providing an opportunity to detect and examine a threat that can put any Linux server at risk.

According to Aqua Nautilus, this sophisticated Linux malware, dubbed “perfctl”, has been quietly targeting servers worldwide over the past few years. It compromises Linux servers, exploiting vulnerabilities for cryptomining and system resource hijacking. Cybersecurity researchers at Aqua Nautilus found that the malware has targeted millions worldwide, exploiting over 20,000 misconfigurations.

According to the company’s technical research, shared exclusively with Hackread.com ahead of publishing on Thursday, October 3, numerous incident reports and discussions in online communities point to the widespread prevalence of perfctl.

Another concerning trend highlighted by researchers is that Perfctl uses rootkits and evasion techniques to hide its presence from standard system tools and monitoring processes. The malware gains persistence by self-replicating and using deceptive filenames that resemble legitimate system files. Its name comes from the cryptominer process, which drains system resources and causes significant issues for Linux developers.
This Cyber News was published on hackread.com. Publication date: Thu, 03 Oct 2024 17:43:06 +0000