Drovorub: Russian

Russian “can opener” reveals Linux-based solutions


IT NewsMarket newsSecurity

Olga Blinkova

Drovorub: Russian

The FBI and ANS claim that the Drovorub malware (the word resembles both the nouns “lumberjack” and “woodcutter”) operates in the United States, which is allegedly used by Russian hackers for their own purposes.
working for the government of the Russian Federation. The malware is designed to create backdoors in solutions running Linux.

The ZDNet edition notes that according to the FBI and ANS, the new malware is a product of the APT28 unit (Fancy Bear, Sednit), a hacker Russian military group operating within the GRU unit 26165
Russia. We emphasize once again that this is only speculation by foreign intelligence services.

The FBI and ANS urge information security professionals working in different organizations to be vigilant and take precautions.

In their statements, Drovorub is called a “can opener” capable of opening solutions based on the Linux operating system.

Drovorub is a multi-component system that includes a digital implant, kernel module rootkit, file transfer tool, port forwarding module, and command and control server (C2).
With it, you can both steal files and take control of other people’s computers. This multipurpose tool can be used for both industrial espionage and electoral interference.

The FBI and ANS are offering US organizations to update their Linux operating system to version 3.7 and higher.

cybersecurity, cyber espionage

Magazine: IT-News Magazine, Magazine Subscription



Leave a Comment