Linux users beware: there’s new malware that can steal your data and send it to Russian hackers.
According to the US National Security Agency (NSA) and Federal Bureau of Investigation (FBI), the Russian military hacking group known as Fancy Bear (or Grizzly Steppe when referred to alongside Cozy Bear) is believed to have engineered Drovorub, a new strain of Linux malware that’s used to create backdoors and allow unauthorized, persistent remote access to hacked networks.
Once inside the network, the hackers have free rein to do what they want, be it interfering in an election or stealing industry secrets. The malware is also hard to detect due to its stealthy, advanced rootkit mechanisms.
To avoid getting infected by Drovorub, the NSA and FBI recommend updating the kernel of Linux systems to at least version 3.7, configuring said systems with digital signatures, and enabling UEFI Secure Boot.
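
One way to check a host against those three recommendations is the script below. It is an added example, not code from the NSA/FBI advisory; it reads "digital signatures" as kernel module signature enforcement (an assumption), and the function names are made up for illustration.

```shell
#!/bin/sh
# Added example: audit a host against the three recommendations above.
# File paths are arguments so each check can also be run on sample files.

# True if kernel release $1 (e.g. "5.4.0-42-generic") is >= $2.$3.
kernel_at_least() {
    ka_rel=${1%%-*}                    # drop the "-42-generic" suffix
    ka_major=${ka_rel%%.*}
    ka_rest=${ka_rel#*.}
    ka_minor=${ka_rest%%.*}
    ka_major=${ka_major%%[!0-9]*}      # keep leading digits only
    ka_minor=${ka_minor%%[!0-9]*}
    [ -n "$ka_major" ] && [ -n "$ka_minor" ] || return 1
    [ "$ka_major" -gt "$2" ] && return 0
    [ "$ka_major" -eq "$2" ] && [ "$ka_minor" -ge "$3" ]
}

# True if the module.sig_enforce parameter file $1 reads "Y"
# (assumption: "digital signatures" means enforced module signing).
sig_enforced() {
    [ -r "$1" ] && [ "$(cat "$1")" = "Y" ]
}

# True if the SecureBoot EFI variable file $1 holds the value 1.
# efivarfs files begin with 4 attribute bytes; the fifth byte is the value.
secure_boot_enabled() {
    [ -r "$1" ] || return 1
    [ "$(od -An -tu1 -j4 -N1 "$1" | tr -d '[:space:]')" = "1" ]
}

# Print one PASS/FAIL line per recommendation.
drovorub_audit() {
    if kernel_at_least "$1" 3 7; then echo "PASS kernel $1 >= 3.7"
    else echo "FAIL kernel $1 < 3.7"; fi
    if sig_enforced "$2"; then echo "PASS module signature enforcement"
    else echo "FAIL module signature enforcement"; fi
    if secure_boot_enabled "$3"; then echo "PASS UEFI Secure Boot"
    else echo "FAIL UEFI Secure Boot"; fi
}

# Audit the running system using the standard sysfs and efivarfs locations.
drovorub_audit "$(uname -r)" \
    /sys/module/module/parameters/sig_enforce \
    /sys/firmware/efi/efivars/SecureBoot-8be4df61-93ca-11d2-aa0d-00e098032b8c
```

A missing file counts as FAIL, which is the expected result on legacy-BIOS machines and on kernels built without module signing support.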