Author Topic: **UPDATE** Xbash Malware Uninstalls Cloud Security Products  (Read 698 times)

0 Members and 1 Guest are viewing this topic.

Offline Antus67

  • Full Member
  • ***
  • Posts: 94
    • View Profile
**UPDATE** Xbash Malware Uninstalls Cloud Security Products
« on: January 19, 2019, 12:49:25 AM »

By Ionut Arghire on January 18, 2019

Recent samples of the destructive Xbash Linux malware can uninstall cloud security protection products from infected servers, Palo Alto Networks reports.

First detailed last year, the malware features a broad set of malicious capabilities, ranging from ransomware and crypto-currency mining to self-propagation, database deletion, and the enrolling of compromised servers into a botnet.

The malware is used by a group referred to as Rocke, which is associated with the Iron cybercrime group. More recent samples of Xbash include new code to uninstall five different cloud security protection and monitoring products from infected Linux servers, Palo Alto Networks’ security researchers say.

Full Article Here:https://www.securityweek.com/xbash-malware-uninstalls-cloud-security-products