Even though most technology experts consider Linux to be the most secure operating system, that is not entirely accurate. Over the past few months, we have seen multiple malware types targetting the Linux OS, either to install cryptocurrency mining software or to exfiltrate important data. Never one to sit on the sidelines, the CIA has built its own set of tools to infiltrate Linux servers around the world. One of these is Aeris, a disruptive type of malware capable of affecting popular Linux distros.
Aeris can infiltrate systems running Debian Linux 7, Red Hat Enterprise Linux 6, Solaris 11, FreeBSD 8 and seniors 5.3 and 5.7. That is a large list, considering that a lot of those Linux flavors are very common. Aeris can successfully infiltrate all of these systems and does its work unabated. Its tools include a way to snoop on encrypted communication, hook into SMTP communication, and exfiltrate files automatically.
It is not the first time we have come across CIA malware, and the Wikileaks team has done an outstanding job of keeping tabs on all of these discoveries. The agency has developed many versions of malware to serve the same purpose. No operating system in the world is safe from CIA infiltration these days, even though some of its tools are no longer usable by the look of things. It is unclear whether Aeris is still an active threat, but it seems plausible to assume that could be the case.
Source: https://themerkle.com/the-cias-aeris-malware-can-exfiltrate-data-from-linux-systems/
submitted by: Arnfried Walbrecht
Comments are closed.