Quote:A tiny-sized malware that packs a big punch has been targeting supercomputers, especially those used in academia and scientific enterprises. It allows initial access for a variety of follow-on attacks, including credential theft – and potentially data exfiltration or cryptomining.
That’s according to ESET researchers, who discovered the Kobalos backdoor in recent months. The code grants remote access to the file system, allows attackers to create terminal sessions and allows proxying connections to other Kobalos-infected servers.
“Kobalos malware contains generic commands to read from and write to the file system and spawn a terminal to execute arbitrary commands,” they explained. “Unfortunately, it doesn’t contain any specific payload that could indicate the intentions of its authors. The operators likely open a shell through the terminal and perform whatever commands they need to.”
Kobalos gets its name from Greek mythology. The kobaloi were companions of Dionysus, a band of mischievous sprites known for tricking and frightening mortals. ESET researchers adopted the name for the malware due to “for its tiny code size and many tricks,” they said in an analysis issued Tuesday.
Read more: https://threatpost.com/kobalos-malware-s...ns/163604/
![[-]](https://www.geeks.fyi/images/collapse.png)
