Cybercriminals turn their attention to Linux-based systems, report finds

News Desk -

As the most widely used cloud operating system, Linux is an essential component of digital infrastructure, and it has quickly become an attacker’s ticket into a multicloud environment, according to VMware’s recent threat report.

VMware points out that current malware countermeasures mostly address Windows-based threats, leaving many public and private cloud deployments vulnerable to attacks on Linux-based operating systems.

VMware’s latest report, “Exposing Malware in Linux-Based Multi-Cloud Environments,” has detailed how cybercriminals are targeting Linux-based operating systems with malware. The key findings include:

  • Ransomware is evolving to target host images used to spin workloads in virtualized environments;
  • 89 percent of cryptojacking attacks use XMRig-related libraries; and 
  • More than half of Cobalt Strike users may be cybercriminals, or at least using Cobalt Strike illicitly.

“Cybercriminals are dramatically expanding their scope and adding malware that targets Linux-based operating systems to their attack toolkit in order to maximize their impact with as little effort as possible,” said Giovanni Vigna, senior director of threat intelligence at VMware.

“Rather than infecting an endpoint and then navigating to a higher value target, cybercriminals have discovered that compromising a single server can deliver the massive payoff and access they’re looking for. Attackers view both public and private clouds as high-value targets due to the access they provide to critical infrastructure services and confidential data. Unfortunately, current malware countermeasures are mostly focused on addressing Windows-based threats, leaving many public and private cloud deployments vulnerable to attacks on Linux-based operating systems,” Vigna added.

Furthermore, the company has indicated that as malware targeting Linux-based operating systems grows in both volume and complexity in a quickly changing threat landscape, enterprises must prioritise threat detection.