Communications of the ACM

ACM TechNews

High-Performance Computers Under Siege by Newly Discovered Backdoor


An "infection" in the server room.

The Kobalos backdoor runs on Linux, FreeBSD, and Solaris, and code artifacts suggest it may have once run on AIX, Windows 3.11 and Windows 95.

Credit: Getty Images

Researchers at Slovak security firm Eset said a newly discovered backdoor allows hackers to remotely execute arbitrary commands on some high-performance computer networks.

The Kobalos backdoor operates on Linux, FreeBSD, and Solaris, and code artifacts imply it may have previously run on AIX and the Windows 3.11 and Windows 95 platforms.

Once installed, Kobalos infiltrates the file system of the target network and provides access to a remote terminal that lets intruders run commands. Infected systems can also act as proxies that connect to other compromised servers, and these can be chained together to compromise a final target.

Kobalos was released no later than 2019, and the group behind it was active throughout 2020.

Eset researchers wrote that the backdoor's features and network evasion methods indicate those behind Kobalos "are much more knowledgeable than the typical malware author targeting Linux and other non-Windows systems."

From Ars Technica

Abstracts Copyright © 2021 SmithBucklin, Washington, DC, USA


 
