CyberSecurity updates
Updated: 2024-11-21 20:43:06 Pacfic

arstechnica.com
Perfctl Malware Exploits Common Misconfigurations and Known Vulnerabilities to Infect Linux Machines - 6d
Read more: arstechnica.com

Perfctl, a stealthy and persistent Linux malware, has been circulating since at least 2021, infecting thousands of machines. It leverages a range of tactics, including exploiting common misconfigurations and known vulnerabilities, to gain access to vulnerable systems. The malware, which has a high success rate in avoiding detection, uses a naming convention similar to common Linux tools to blend in with legitimate processes. The attackers exploit vulnerabilities like CVE-2023-33246 in Apache RocketMQ, a widely used messaging and streaming platform, to establish a foothold. Perfctl is primarily used for cryptocurrency mining, stealing processing power from infected machines.


This site is an experimental news aggregator using feeds I personally follow. You can reach me at Bluesky if you have feedback or comments.