How long did this “previously undetected malware” go undetected? Linux OSes are the least secure OSes, and yet they are still allowed to falsely claim that they are secure.

I should start a new blog that focuses only on just how unsecure Open Source OSes are. In the meanwhile, check out the *Linux Security Issues* page here. I don’t keep it up-to-date, but do try to bring up the really really bad malware ‘n etc.

New ‘Lightning Framework’ Linux malware installs rootkits, backdoors:

A previously undetected malware dubbed ‘Lightning Framework’ that targets Linux systems can be used to backdoor infected devices using SSH and deploy rootkits to cover the attackers’ tracks.

Described as a “Swiss Army Knife” in a report published today by Intezer, Lightning Framework is a modular malware that also comes with support for plugins.

This core module (kkdmflush) is the framework’s main module and is the one the malware uses to receive commands from its C2 server and to execute its plugins.

“The module has many capabilities and uses a number of techniques to hide artifacts to remain running under the radar,” Robinson added.

Yeah, it is a nasty one!

Signs of a Linux malware surge?

Lightning Framework is just the latest Linux malware strain capable of fully compromising and backdooring devices that surfaced recently.

Intezer security researchers have also spotted OrBit…

Symbiote, another malware targeting Linux devices…

Researchers have also spotted a stealthy backdoor named BPFDoor has been stealthily targeting Linux and Solaris systems undetected for over five years…

A fourth Linux malware strain, a rootkit dubbed Syslogk .. has the capability to force-load its modules into the Linux kernel…

“Malware targeting Linux environments surged in 2021, with a large amount of innovation resulting in new malicious code, especially in ransomwares, trojans, and botnets,” Robinson said.

Will add this post to the *Linux Security Issues* page…

LINUX IS LIKE A BOX OF CHOCOLATES – you never know what you’re gonna get!