Linux operating system was once known to be the most secure OS in the world, but things have changed since security researchers have found malware like Mirai and Bashlite infecting Linux-devices turning them into DDoS botnets. Now, another malware has been discovered targeting Linux.
Dubbed Linux.Proxy.10 by researchers at Dr. Web; the malware has been developed to run Socket Secure (SOCKS), an Internet protocol that routes network packets between a client and server through a proxy server by freeware source code of the Satanic Socks Server.
According to Dr. Web’s blog post, “To distribute Linux.Proxy.10, cybercriminals log into the vulnerable devices via the SSH protocol, and at the same time the list of devices, as well as the logins and passwords («IP address: login: password») that go with them, are stored on their server.”
Based on its pattern, researchers noted that Linux.Proxy.10 takes over those devices which are already infected with another malware or have standard settings. The Linux.Proxy10 also comes with BackDoor.TeamViewer, a Spy-Agent administrator panel and a build of Windows malware from a known family of Trojan spyware.