wellmess-malware-640x360  - wellmess malware 640x360 - Bad guys use Google’s Golang to cross-compile multi-platform malwareHere is the news:

  • The use of ’s (also called Go) language allows attackers to cross-compile for use on multiple platforms, making potential attacks on more trivial to engineer.
  • The new WellMess malware strain is able to operate on both Windows and on Linux, giving a remote attacker the ability to execute arbitrary commands as well as upload and download files, or run PowerShell scripts to automate tasks.

Google’s Golang—which supports cross compiling to run on multiple operating systems—is now being utilized by attackers to target Windows and Linux workstations.

According a by JPCERT, the WellMess malware can operate on WinPE (Windows Preinstallation Environment) and on Linux via ELF (Executable and Linkable Format). The malware gives a remote attacker the ability to execute arbitrary commands as well as upload and download files, or run PowerShell scripts to automate tasks. The commands are transferred to the infected device via RC6 encrypted HTTP POST requests, with the results of executed commands transmitted to the C&C server via cookies.

While WellMess is far from the first malware to run on Linux systems, the perceived security of Linux distributions as not being a significant enough target for malware developers should no longer be considered the prevailing wisdom, as cross-compilation on Golang will ease malware development to an extent for attackers looking to target Linux desktop users. As with Windows and macOS, users of Linux on the desktop should install some type of antivirus software in order to protect against malware such as WellMess.

And of course step users through new-school security awareness training as your last line of defense.

Source: https://www.techrepublic.com/article/this-new-dual-platform-malware-targets-both-windows-and-linux-systems/

 



Source link
Based Blockchain Network

LEAVE A REPLY

Please enter your comment!
Please enter your name here