Jump to content

Search the Community

Showing results for tags 'ignacio sanmillan'.

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Informatii generale
    • Anunturi importante
    • Bine ai venit
    • Proiecte RST
  • Sectiunea tehnica
    • Exploituri
    • Challenges (CTF)
    • Bug Bounty
    • Programare
    • Securitate web
    • Reverse engineering & exploit development
    • Mobile security
    • Sisteme de operare si discutii hardware
    • Electronica
    • Wireless Pentesting
    • Black SEO & monetizare
  • Tutoriale
    • Tutoriale in romana
    • Tutoriale in engleza
    • Tutoriale video
  • Programe
    • Programe hacking
    • Programe securitate
    • Programe utile
    • Free stuff
  • Discutii generale
    • RST Market
    • Off-topic
    • Discutii incepatori
    • Stiri securitate
    • Linkuri
    • Cosul de gunoi
  • Club Test's Topics
  • Clubul saraciei absolute's Topics
  • Chernobyl Hackers's Topics
  • Programming & Fun's Jokes / Funny pictures (programming related!)
  • Programming & Fun's Programming
  • Programming & Fun's Programming challenges
  • Bani pă net's Topics
  • Cumparaturi online's Topics
  • Web Development's Forum
  • 3D Print's Topics

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


Website URL


Yahoo


Jabber


Skype


Location


Interests


Occupation


Interests


Biography


Location

Found 1 result

  1. Kobalos’ codebase is tiny, but its impact is not. A small but complex malware variant is targeting supercomputers worldwide. Reverse engineered by ESET and described in a blog post on Tuesday, the malware has been traced back to attacks against supercomputers used by a large Asian Internet Service Provider (ISP), a US endpoint security vendor, and a number of privately-held servers, among other targets. The cybersecurity team has named the malware Kobalos in deference to the kobalos, a small creature in Greek mythology believed to cause mischief. Kobalos is unusual for a number of reasons. The malware's codebase is tiny but is sophisticated enough to impact at least Linux, BSD, and Solaris operating systems. ESET suspects it may possibly be compatible with attacks against AIX and Microsoft Windows machines, too. While working with the CERN Computer Security Team, ESET realized the "unique, multiplatform" malware was targeting high performance computer (HPC) clusters. In some cases of infection, it appears that 'sidekick' malware hijacks SSH server connections to steal credentials that are then used to obtain access to HPC clusters and deploy Kobalos. Kobalos is, in essence, a backdoor. Once the malware has landed on a supercomputer, the code buries itself in an OpenSSH server executable and will trigger the backdoor if a call is made through a specific TCP source port. Other variants act as middlemen for traditional command-and-control (C2) server connections. Kobalos grants its operators remote access to file systems, allows them to spawn terminal sessions, and also acts as connection points to other servers infected with the malware. ESET says that a unique facet of Kobalos is its ability to turn any compromised server into a C2 through a single command. The malware was a challenge to analyze as all of its code is held in a "single function that recursively calls itself to perform subtasks," ESET says, adding that all strings are encrypted as a further barrier to reverse engineering. As of now, more research needs to be conducted in the malware -- and who may be responsible for its development. Via zdnet.com
×
×
  • Create New...