Last Tuesday, the 13th, cybersecurity experts released an alarming report about a website that posed several threats to Linux operating system users.
The website in question is “freedownloadmanager.org”, a platform that, according to the professionals' analysis, was distributing files infected with a dangerous virus to the Linux community.
The investigation discovered that, starting in 2020, some of the downloads made on the website were redirected to another page, “deb.fdmpkg.org”.
This page contained a malicious script that, when executed, simultaneously started the installation of two files on the victim's device.
The problem is that these files continued to operate in the background, secretly collecting sensitive information from the “lucky” user's device.
After connecting to an IP address associated with the malicious domain, the backdoor opened a reverse shell, which allowed attackers to remotely control the infected device.
The team of security experts at Kaspersky, the company that identified this malware, carried out an in-depth analysis, running the virus in the background to understand its behavior on affected devices.
A detailed analysis revealed that this data-stealing malware was collecting a wide range of sensitive information from compromised devices.
The stolen data included system information, browsing history, stored passwords, cryptocurrency wallet files and even credentials for cloud services such as AWS, Google Cloud, Oracle Cloud Infrastructure and Azure.
This extensive list highlights the high risk posed by this malware, which specifically targets devices using the Linux operating system.
Even with a known track record, cybersecurity experts faced a puzzling challenge in dealing with the malware distributed by this site.
They were unable to identify the parameters or criteria that determined why some people were redirected to a benign version of the app, while others ended up receiving the infected file.
To avoid infection by malware and other types of viruses, it is recommended to keep the operating system up to date and to run an active antivirus.