CrowdStrike recently released research that highlighted the growing dangers to Linux-based operating systems. Compared to 2020, researchers found a 35 percent increase in Linux-based malware in 2021. The majority of these attacks targeted IoT devices.
What is the content of the report?
Three malware families accounted for 22% of attacks on Linux systems in 2021, according to CrowdStrike's data.
In 2021, the most common Linux-based malware families were XorDDoS, Mirai, and Mozi.
XorDDoS, a botnet designed to perform large-scale DDoS attacks, has been active since at least 2014. Compared to 2020, the number of samples of this malware increased by over 123 percent in 2021.
In 2021, the popularity of the Mirai variants Sora, IZIH9, and Rekai increased to 33 percent, 39 percent, and 83 percent, respectively.
Beyond botnets, there’s a lot more going on.
Since the beginning of 2022, threat actor groups have ramped up various ransomware families that target Linux systems.
AvosLocker, for example, appends the .avoslinux extension to all encrypted files.
Before beginning the encryption procedure, the ransomware strain uses special commands to terminate all ESXi virtual machines on the server.
Earlier this month, a modified variant of the SFile ransomware, which encrypts files on Linux-based operating systems, was discovered.
Although the strain is new, The Record has confirmed its use in targeted attacks against corporate and government networks.
Linux-based Malware and IoT
Linux powers most cloud infrastructure and web servers today, as well as mobile and IoT devices. It's popular because of its scalability, its security features, and its wide range of distributions, which support many different hardware designs and perform well on any system.
With numerous Linux builds and distributions at the heart of cloud infrastructure, mobile, and IoT, threat actors have a huge opportunity. Linux-based IoT devices, for example, are low-hanging fruit for threat actors, whether through hardcoded credentials, unprotected ports, or unpatched vulnerabilities, and their compromise en masse could jeopardise the integrity of vital internet services. By the end of 2025, more than 30 billion IoT devices are expected to be connected to the internet, creating a potentially huge attack surface that hackers and cybercriminals can use to build massive botnets.
If the current trend continues, additional malware for Linux systems could be released in 2022. Regardless of the operating system, attackers will look for security flaws that are easy to exploit. As a result, keep your devices up to date as patches become available to ensure your security.