CyberSecurity updates
Updated: 2024-10-15 17:03:53 Pacfic

Flag This

Bruce Schneier @ Security Boulevard

Perfctl Malware Exploits Common Misconfigurations and Known Vulnerabilities to Infect Linux Machines - 1d


Read more: securityboulevard.com

Perfctl, a stealthy and persistent Linux malware, has been circulating since at least 2021, infecting thousands of machines. It leverages a range of tactics, including exploiting common misconfigurations and known vulnerabilities, to gain access to vulnerable systems. The malware, which has a high success rate in avoiding detection, uses a naming convention similar to common Linux tools to blend in with legitimate processes. The attackers exploit vulnerabilities like CVE-2023-33246 in Apache RocketMQ, a widely used messaging and streaming platform, to establish a foothold. Perfctl is primarily used for cryptocurrency mining, stealing processing power from infected machines.

References:

  • Ars Technica - This article explores the stealthy nature of the Perfctl malware and its widespread impact on Linux systems since 2021. - 1d
  • Malware Analysis, News and Indicators - This news post discusses the Perfctl malware, emphasizing its potential impact on Linux systems. - 1d
  • securityboulevard.com - Perfectl in an of malware: The malware has been circulating since at least 2021. It gets installed by exploiting more than 20,000 common misconfigurations, a capability that may make millions of machines connected to the Internet potential targets, researchers from Aqua Security said. - 1d
  • Security Boulevard - This article provides a comprehensive analysis of the Perfectl malware, highlighting its stealthy mining capabilities and the vulnerabilities it exploits. - 1d
  • Malware Analysis, News and Indicators - Vulnerable instances of Log4j still being used nearly 3 years later - 14h
  • SCM feed for Security Strategy, Plan, Budget - Critical vulnerabilities take over 500 days to be fixed. - 14h

Classification:

  • HashTags: #Linux #Malware #Perfctl
  • Company: Aqua Security
  • Target: Linux Users
  • Product: Linux
  • Feature: Misconfigurations
  • Type: Malware
  • Severity: Medium






This site is an experimental news aggregator using feeds I personally follow. You can reach me using contacts here if you have feedback. You can also find Flathis at Mastodon.