“Linux variant of the Turla malware is for many years gone unnoticed”


Security company Kaspersky Labs has sophisticated malware for the Linux operating system found that part seems to be the infamous Turla malware. This malicious software is probably used for spionagedoeleinden and has for years gone unnoticed.

The Turla component for Linux is according to Kaspersky a module that is written in C/C++. The malware would be well-hidden to keep, for example, are invisible from admintools to Netstat. Also, the malware makes no use of Linux-components that root access require. The malicious software is not active until this a special package receives a command&control server. Then the malware silently commands of the attacker’s run.

Although it is not entirely clear is who is behind the malware, allows Kaspersky is that the malware is part of the Turla-malwarefamilie. This was up to now only on Windows-systems it encounters. Turla would be features that point to a Russian origin, and the malware would be so advanced that there is a government behind the development of the malware to sit, but a specific country, the Russian security company didn’t call.

In march of this year, let Symantec know that the Turla malware, probably thousands of computer networks has been infected in Europe, the Middle East and the United States, including systems of European secret services. Turla is probably used for spionagedoeleinden and would certainly be four years long remained unnoticed.