Dangerous new 'RedXOR' Linux malware linked to Chinese state actors

Linux-based operating systems are widely used by companies like Amazon, Facebook, Twitter and Google, making them prime targets for malware creators. 

Updated on: Aug 21 2022, 15:50 IST
Linux-based distributions may not be as safe as we thought. (Kevin Horvat/Unsplash)

Linux distributions like Ubuntu, Fedora and Manjaro might be widely considered more secure operating systems than Windows, but it is a fact that no operating system is completely secure and free from vulnerabilities. According to a new report, hackers are now using advanced malware to target Linux servers, which power most of the internet.

According to a report by Bleeping Computer, a group of researchers at Intezer discovered the malware, which they have called RedXOR. Based on how the malware operates and the code it runs, the experts think it was created by advanced Chinese hackers. They also believe it is still being used to control systems that it compromised, as the command and control server the operators were using was intermittently available while the researchers were trying to study the malware.


It is a common misconception that Linux-based systems are targeted less than Microsoft Windows because they have far fewer users. This might be true for desktop users, but in terms of server operating systems, Linux-based operating systems are the most widely used, powering companies like Facebook, Google, Amazon, Twitter and many more.

A report by TechCrunch also states that RedXOR is just a “part of a trend” of constant attacks on Linux systems, and that powerful countries or groups connected with those countries are actively working on new ways to attack Linux systems and compromise them. Countries like Indonesia and Taiwan seem to be targeted the most by the RedXOR malware.


Linux users who are afraid that they might be targeted by the malware can only update their systems, make sure they have the latest packages installed, and possibly run a few Linux security tools like rkhunter, lynis, chkrootkit, clamav, and LMD to check that their systems are safe. But given how many of these attacks are zero-day malware, it is very unlikely that these tools will be able to detect malware like this in the first place.


First Published Date: 12 Mar, 20:06 IST