Choose style:

Author Topic: Fysbis malware  (Read 851 times)

0 Members and 1 Guest are viewing this topic.

Offline Capivara

  • Member
  • ***
  • Posts: 186
  • Karma: 62
  • Devoted To Daemons & Penguins
    • View Profile
  • Peppermint version(s): 6, 7
Fysbis malware
« on: February 15, 2016, 04:09:12 am »
Fysbis appears to be a hot topic the last few days. Interesting and somewhat worrying that this backdoor can install itself without root privileges. The article below is quite extensive, but doesn't really explain how Fysbis can pull this off. Maybe someone here can?

http://researchcenter.paloaltonetworks.com/2016/02/a-look-into-fysbis-sofacys-linux-backdoor/

I also posted this on the LM forums because it intrigues me.
If you like Linux, raise your hand. If you don't, raise your standards.

Offline PCNetSpec

  • Administrator
  • Hero
  • *****
  • Posts: 25455
  • Karma: 2798
  • "-rw-rw-rw-" .. The Number Of The Beast
    • View Profile
    • PCNetSpec
  • Peppermint version(s): Peppermint 8R, 9, and 9R
Re: Fysbis malware
« Reply #1 on: February 15, 2016, 12:07:15 pm »
And here's the next storm in a teacup.

What no stated attack vector again .. now that does surprise me  <-- sarcasm ;)

[EDIT]

No sorry, same storm in a teacup as the last one .. already patched ;)
« Last Edit: February 15, 2016, 01:02:52 pm by PCNetSpec »
WARNING: You are logged into reality as 'root' .. logging in as 'insane' is the only safe option.

Team Peppermint
PCNetSpec

Offline GNULINUX

  • Trusted User
  • Member
  • *****
  • Posts: 987
  • Karma: 311
    • View Profile
  • Peppermint version(s): Peppermint Six (x64)
Re: Fysbis malware
« Reply #2 on: February 15, 2016, 02:07:27 pm »
Seems it's always the same sad story for "Linux malware"!
No Linux specific attack vector or physical access needed or already patched!  ;)
Peppermint 6  (x64)   -   Windows 7 Ultimate SP1  (x64)
Running different OS flavors in VirtualBox, just for fun!

Offline Capivara

  • Member
  • ***
  • Posts: 186
  • Karma: 62
  • Devoted To Daemons & Penguins
    • View Profile
  • Peppermint version(s): 6, 7
Re: Fysbis malware
« Reply #3 on: February 16, 2016, 02:44:03 am »
Well, for the better. Let's keep it on FUD.
If you like Linux, raise your hand. If you don't, raise your standards.