Microsoft Warns Rise in XorDdos Malware Targeting Linux Devices



Condobloke

Is there a possibility that this could have been the cause/source of the latest attacks at Linux.org ?
 
OP
Bartman

o_O:mad:
Does that mean ARM devices running Linux are also susceptible?
What can we do to prevent this?

From the article.

Besides being compiled for ARM, x86, and x64 architectures, the malware is designed to support different Linux distributions, not to mention come with features to siphon sensitive information, install a rootkit, and act as a vector for follow-on activities.

 
OP
Bartman

> Is there a possibility that this could have been the cause/source of the latest attacks at Linux.org ?

Good possibility that it was.
My understanding is cloud-based servers are the main targets.
Seems to create havoc on whatever it attacks.
 
OP
Bartman


 
Deleted member 140690
I see a lot about this online, but little to no products to protect our computers from it, other than Microsoft's own Defender Endpoint.
Did not find any products to help from other sources.
 
Deleted member 140690

> From the article.
>
> Besides being compiled for ARM, x86, and x64 architectures, the malware is designed to support different Linux distributions, not to mention come with features to siphon sensitive information, install a rootkit, and act as a vector for follow-on activities.

Yes, read that when I got time to click the link.
 
OP
Bartman

Best I can suggest is using CloudFlare and sandboxing your browser using Firejail and of course the UFW/GUFW firewall which is what I'm doing.

uBlock Origin and Privacy Badger are the browser extensions I use.

At this exact time I don't believe there is anything available for this in Linux.

This is a good reason why true Linux users prefer Linux to never become a mega OS for the user home base.

I have faith in the Linux developers to develop a plan for keeping Linux safe.
 
Deleted member 140690
> Best I can suggest is using CloudFlare and sandboxing your browser using Firejail and of course the UFW/GUFW firewall which is what I'm doing.
>
> uBlock Origin and Privacy Badger are the browser extensions I use.
>
> At this exact time I don't believe there is anything available for this in Linux.
>
> This is a good reason why true Linux users prefer Linux to never become a mega OS for the user home base.
>
> I have faith in the Linux developers to develop a plan for keeping Linux safe.

Yes, I use CloudFlare, UFW, and ClamAV and a rootkit scanner, and where possible Brave browser with TOR.
Must delve deeper and see what else is available. M1 MacBook Air
 

JasKinasis

Unless you’re the type of user who indiscriminately downloads and runs random things from the internet, it’s not likely to infect ordinary desktop installs of Linux. It’s more likely to infect vulnerable servers and IoT devices.
 

CrazedNerd

> Unless you’re the type of user who indiscriminately downloads and runs random things from the internet, it’s not likely to infect ordinary desktop installs of Linux. It’s more likely to infect vulnerable servers and IoT devices.

You mean I can't do what the internet tells me to do anymore?!
 

SlowCoder

"Its SSH brute-force attacks are a relatively simple yet effective technique for gaining root access over a number of potential targets."

This has nothing to do with Linux. It has to do with IoT manufacturers not properly securing SSH. Linux just happens to be the OS running most IoT devices, and MS is throwing shade.
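
As an added illustration of the SSH brute-force pattern quoted in the post above (not part of any poster's message or of the article): a Python script that counts failed sshd password attempts per source address and flags a password login that succeeds after repeated failures. The log lines are constructed samples in the common OpenSSH syslog format, and the threshold of 3 is an assumption.

```python
import re
from collections import Counter

# Constructed sample lines (OpenSSH syslog format, documentation IP ranges).
SAMPLE_LOG = """\
May 20 10:01:02 cam01 sshd[811]: Failed password for root from 203.0.113.7 port 51234 ssh2
May 20 10:01:03 cam01 sshd[811]: Failed password for root from 203.0.113.7 port 51236 ssh2
May 20 10:01:04 cam01 sshd[812]: Failed password for invalid user admin from 203.0.113.7 port 51240 ssh2
May 20 10:01:06 cam01 sshd[813]: Failed password for root from 203.0.113.7 port 51244 ssh2
May 20 10:01:09 cam01 sshd[814]: Accepted password for root from 203.0.113.7 port 51250 ssh2
May 20 10:05:00 cam01 sshd[820]: Failed password for alice from 198.51.100.4 port 40100 ssh2
May 20 10:05:10 cam01 sshd[821]: Accepted publickey for alice from 198.51.100.4 port 40102 ssh2
May 20 10:07:00 cam01 sshd[830]: Failed password for root from 192.0.2.55 port 33000 ssh2
"""

EVENT = re.compile(
    r"sshd\[\d+\]: (?P<result>Failed|Accepted) (?P<method>\S+) for "
    r"(?:invalid user )?(?P<user>\S+) from (?P<ip>\S+) port \d+"
)

def analyse(log_text, threshold=3):
    """Return (noisy, compromised).

    noisy: {ip: failed password count} for sources at or above threshold.
    compromised: [(ip, user)] where a password login was accepted after the
    same source had already reached the threshold of failures.
    """
    failures = Counter()
    compromised = []
    for line in log_text.splitlines():
        m = EVENT.search(line)
        if not m or m["method"] != "password":
            continue  # key-based logins are not part of password guessing
        ip = m["ip"]
        if m["result"] == "Failed":
            failures[ip] += 1
        elif failures[ip] >= threshold:
            compromised.append((ip, m["user"]))
    noisy = {ip: n for ip, n in failures.items() if n >= threshold}
    return noisy, compromised

if __name__ == "__main__":
    noisy, compromised = analyse(SAMPLE_LOG)
    for ip, n in noisy.items():
        print(f"{ip}: {n} failed password attempts")
    for ip, user in compromised:
        print(f"ALERT: password login as {user} from {ip} after repeated failures")
```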
 

Condobloke

> Unless you’re the type of user who indiscriminately downloads and runs random things from the internet, it’s not likely to infect ordinary desktop installs of Linux. It’s more likely to infect vulnerable servers and IoT devices.

> "Its SSH brute-force attacks are a relatively simple yet effective technique for gaining root access over a number of potential targets."
>
> This has nothing to do with Linux. It has to do with IoT manufacturers not properly securing SSH. Linux just happens to be the OS running most IoT devices, and MS is throwing shade.

And there you have it in a nutshell.
 

CrazedNerd

> "Its SSH brute-force attacks are a relatively simple yet effective technique for gaining root access over a number of potential targets."
>
> This has nothing to do with Linux. It has to do with IoT manufacturers not properly securing SSH. Linux just happens to be the OS running most IoT devices, and MS is throwing shade.

They're throwing shade in a particularly clever way too, aren't you glad you know about this?! Nobody will argue that MS is more secure than Linux overall, all devices have vulnerabilities, the important thing to know is either a) how to exploit them b) if a vulnerability matters and why, security professionals tend to do a HORRIBLE job at shedding light on both of these issues.
 

SlowCoder

IoT has its place in the world. But I have been vocal in my family that I do not IoT in my house, for this exact reason. By and large, IoT devices cannot be managed by the people who own them. Hence, we cannot guarantee they are secure and safe to have on our home networks.

My bro-in-law works for a big tech firm, and his house is full of gadgetry. All of his big appliances (refrigerator, dishwasher, clothes washer and drier), a full suite of cameras, Alexa and home automation to go with. He maintains multiple VLANs to separate his user devices from his IoT devices. It's all good and nifty, but his house would be a wet dream for a hacker if they could get in.

No thanks. I prefer to keep it simple. I don't need my drier to tell me it's done, or my fridge to tell me I'm out of milk.
 
Deleted member 140690
> IoT has its place in the world. But I have been vocal in my family that I do not IoT in my house, for this exact reason. By and large, IoT devices cannot be managed by the people who own them. Hence, we cannot guarantee they are secure and safe to have on our home networks.
>
> My bro-in-law works for a big tech firm, and his house is full of gadgetry. All of his big appliances (refrigerator, dishwasher, clothes washer and drier), a full suite of cameras, Alexa and home automation to go with. He maintains multiple VLANs to separate his user devices from his IoT devices. It's all good and nifty, but his house would be a wet dream for a hacker if they could get in.
>
> No thanks. I prefer to keep it simple. I don't need my drier to tell me it's done, or my fridge to tell me I'm out of milk.

Two times I made the mistake of connecting up to my brother's wifi, both times I got infected, I had to reinstall a Linux distro and my Android phone went into a never ending boot loop, downloading the manufacturer's restore software failed to restore the phone, I had to boot the phone, take my chance it would start for long enough to find and press the restore factory settings button, after three hours I managed that, yet the manufacturer's own software got caught by the boot loop and could do nothing.

It is their router, learned not to go back there.
 

CrazedNerd

> IoT has its place in the world. But I have been vocal in my family that I do not IoT in my house, for this exact reason. By and large, IoT devices cannot be managed by the people who own them. Hence, we cannot guarantee they are secure and safe to have on our home networks.
>
> My bro-in-law works for a big tech firm, and his house is full of gadgetry. All of his big appliances (refrigerator, dishwasher, clothes washer and drier), a full suite of cameras, Alexa and home automation to go with. He maintains multiple VLANs to separate his user devices from his IoT devices. It's all good and nifty, but his house would be a wet dream for a hacker if they could get in.
>
> No thanks. I prefer to keep it simple. I don't need my drier to tell me it's done, or my fridge to tell me I'm out of milk.

Simplicity/security are pretty related. My laptop worked for 5 years before it broke a couple days ago, and I'm not getting a new one. I've already got two desktops and an android, there's no need.
 

Fanboi

> IoT has its place in the world. But I have been vocal in my family that I do not IoT in my house, for this exact reason. By and large, IoT devices cannot be managed by the people who own them. Hence, we cannot guarantee they are secure and safe to have on our home networks.
>
> My bro-in-law works for a big tech firm, and his house is full of gadgetry. All of his big appliances (refrigerator, dishwasher, clothes washer and drier), a full suite of cameras, Alexa and home automation to go with. He maintains multiple VLANs to separate his user devices from his IoT devices. It's all good and nifty, but his house would be a wet dream for a hacker if they could get in.
>
> No thanks. I prefer to keep it simple. I don't need my drier to tell me it's done, or my fridge to tell me I'm out of milk.

Amen brother! Can we get a hallelujah! ... I was very vocal, too, against IoT years ago when this stuff was starting to gain traction. TBH, I never imagined it would get this popular*. I have a strict policy about IoT devices, too. I'm going to end up the crazy guy who bought a shipping container full of PCs, parts, monitors, accessories, etc. and downloaded over a petabyte of media & entertainment so he could completely disconnect from the world in a bunker with borehole water and tons of solar panels & high-efficiency Lithium batteries, hahaha!

*because...
of how useless and "future dystopia"-ish it seemed on paper. I mean, a web browser on your fridge? Honestly, I foresaw tablets becoming the staple and merging down into phones -- so I was half right, phones merged up into tablets -- and eventually phones "docking" on your desktop with your peripherals instead of having a PC. I still see the latter as an inevitability, effectively destroying freedom of building your own rigs through economy. It is fairly obvious that there's an ARM push, considering Apple's and Intel's latest lines. By bringing ARM to the desktop seriously, it's gonna drive massive investment, financial and, obviously, R&D from others to compete, which will see a repeat of the x86 race. In fact it kinda started when ARM64 became a thing, though I'd say this was still the pre-qualifier race. Desktop will be the track all the action's happening on. Why do you think ARM GPUs have gotten so much attention? I mean "mobile gaming" (as in real games, not Fruit Ninja) was a market that did not demand the hardware ability, but instead appeared because of the hardware ability.
 
OP
Bartman

> "Its SSH brute-force attacks are a relatively simple yet effective technique for gaining root access over a number of potential targets."
>
> This has nothing to do with Linux. It has to do with IoT manufacturers not properly securing SSH. Linux just happens to be the OS running most IoT devices, and MS is throwing shade.

> IoT has its place in the world. But I have been vocal in my family that I do not IoT in my house, for this exact reason. By and large, IoT devices cannot be managed by the people who own them. Hence, we cannot guarantee they are secure and safe to have on our home networks.
>
> My bro-in-law works for a big tech firm, and his house is full of gadgetry. All of his big appliances (refrigerator, dishwasher, clothes washer and drier), a full suite of cameras, Alexa and home automation to go with. He maintains multiple VLANs to separate his user devices from his IoT devices. It's all good and nifty, but his house would be a wet dream for a hacker if they could get in.
>
> No thanks. I prefer to keep it simple. I don't need my drier to tell me it's done, or my fridge to tell me I'm out of milk.

OH hell no we have zero IoT devices in our house and who the hell needs a refrigerator creating my grocery list.

I don't trust anyone's wifi or connect to anyone's wifi.
No one connects any of their devices to our internet service.
We don't sync any devices to another device.
Desktops are all hardwired and only have one laptop the Wife uses.
 