Quote:Researchers are warning a novel malware variant is targeting Linux devices, in order to add endpoints to a botnet to then be utilized in distributed-denial-of-service (DDoS) attacks and cryptomining.
The malware variant, called FreakOut, has a variety of capabilities. Those include port scanning, information gathering and data packet and network sniffing. It is actively adding infected Linux devices to a botnet, and has the ability to launch DDoS and network flooding attacks, as well as cryptomining activity.
“If successfully exploited, each device infected by the FreakOut malware can be used as a remote-controlled attack platform by the threat actors behind the attack, enabling them to target other vulnerable devices to expand their network of infected machines,” said researchers with Check Point Research in a Tuesday analysis.
FreakOut first targets Linux devices with specific products that have not been patched against various flaws.
These include a critical remote command execution flaw (CVE-2020-28188) in TerraMaster TOS (TerraMaster Operating System), a popular data storage device vendor. Versions prior to 4.2.06 are affected, while a patch will become available in 4.2.07.
Also targeted is a critical deserialization glitch (CVE-2021-3007) in Zend Framework, a popular collection of library packages that’s used for building web applications. This flaw exists in versions higher than Zend Framework 3.0.0.
“The maintainer no longer supports the Zend framework, and the lamins-http vendor released a relevant patch for this vulnerability should use 2.14.x bugfix release (patch),” researchers said.
Finally attackers target a critical deserialization of untrusted data issue (CVE-2020-7961) in Liferay Portal, a free, open-source enterprise portal, with features for developing web portals and websites. Affected are versions prior to 7.2.1 CE GA2; an update is available in Liferay Portal 7.2 CE GA2 (7.2.1) or later.
“Patches are available for all products impacted in these CVEs, and users of these products are advised to urgently check any of these devices they are using and to update and patch them to close off these vulnerabilities,” said researchers.
Read more: https://threatpost.com/linux-attack-frea...re/163137/
![[-]](https://www.geeks.fyi/images/collapse.png)
