Newly Discovered Malware Infects Linux Systems

FontOnLake is a previously unknown malware family that is targeting any systems running Linux.

The malware has a limited incidence in the wild and has a sophisticated architecture that allows it to remain persistent on an infected machine for long periods of time.

ESET researchers have discovered a previously unknown malware family that utilizes custom and well-designed modules, targeting systems running Linux. Modules used by this malware family, which we dubbed FontOnLake, are constantly under development and provide remote access to the operators, collect credentials, and serve as a proxy server.


We believe that FontOnLake’s operators are particularly cautious since almost all samples seen use unique [C2] servers with varying non-standard ports.


According to BleepingComputer, among the Linux utilities that the threat actor altered to deliver FontOnLake are:

cat – used to print the content of a file

kill – lists all running processes

sftp – secure FTP utility

sshd – the OpenSSH
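
A defender's check for the utilities listed above, as an added example that is not from the article, ESET or BleepingComputer: it hashes cat, kill, sftp and sshd under a given root and compares them with a SHA-256 baseline taken from a known-clean install. The function names, the baseline format and the searched directories are assumptions of this example.

```shell
#!/bin/sh
# Added example: integrity check for the utilities the article lists as altered.
# Assumed baseline format: one "<sha256>  <name>" line per utility.
# Usage: make_baseline /mnt/clean > base.txt ; check_utils /mnt/suspect base.txt
# ROOT may be "/" or a mounted disk image inspected from a trusted system.

UTILS="cat kill sftp sshd"

# find_util ROOT NAME: print the first regular file NAME in the usual bin dirs.
find_util() {
    for d in bin sbin usr/bin usr/sbin; do
        if [ -f "$1/$d/$2" ]; then
            printf '%s\n' "$1/$d/$2"
            return 0
        fi
    done
    return 1
}

# make_baseline ROOT: print baseline lines for every listed utility found.
make_baseline() {
    for name in $UTILS; do
        path=$(find_util "$1" "$name") || continue
        printf '%s  %s\n' "$(sha256sum "$path" | awk '{ print $1 }')" "$name"
    done
}

# check_utils ROOT BASELINE: one status line per utility.
# Returns 1 if any utility differs from, or is absent in, the baseline.
check_utils() {
    root=$1; baseline=$2; bad=0
    for name in $UTILS; do
        want=$(awk -v n="$name" '$2 == n { print $1 }' "$baseline")
        path=$(find_util "$root" "$name") || { echo "MISSING  $name"; continue; }
        got=$(sha256sum "$path" | awk '{ print $1 }')
        if [ -z "$want" ]; then
            echo "NOBASE   $name"; bad=1
        elif [ "$got" = "$want" ]; then
            echo "OK       $name"
        else
            echo "MISMATCH $name $path"; bad=1
        fi
    done
    return $bad
}
```

A utility that is not installed is reported as MISSING without failing the check, since sftp and sshd are optional on many systems.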

Read More: https://heimdalsecurity.com/blog/newly-discovered-malware-infects-linux-systems/