NEWS
NEWS
Another Linux Malware Discovered; TUXEDO Computers Announces a New InfinityBook; SUSE Dives into the Agentic AI Pool; Linux Now Runs Most Windows Games; Fedora 43 Has Finally Landed; KDE Unleashes Plasma 6.5; Xubuntu Site Possibly Hacked; LMDE 7 Now Available.
Another Linux Malware Discovered
Curly COMrade β a Russian hacking group that's been active since 2024 and is aligned with Russian political movements β has been abusing the Microsoft Hyper-V within Windows to bypass detection by creating a virtual machine (VM) based on Alpine Linux to deploy malware.
The VM only uses 120MB of disk space and 256MB of memory, making it less detectable. Once the VM has been deployed, the malware uses the CurlyShell reverse shell and the CurlCat reverse proxy for stealth and communication.
According to Bitdefender (https://businessinsights.bitdefender.com/curly-comrades-evasion-persistence-hidden-hyper-v-virtual-machines), "By isolating the malware and its execution environment within a VM, the attackers effectively bypassed many traditional host-based EDR [endpoint detection and response] detections. EDR needs to be complemented by host-based network inspection to detect C2 traffic escaping the VM, and proactive hardening tools to restrict the initial abuse of native system binaries."
[...]
Buy this article as PDF
(incl. VAT)
Buy Linux Magazine
US / Canada
UK / Australia