A new threat has been found by Kasperky Labs
The Linux Turla is a new piece of malware designed to infect only Linux computers, which has managed to remain relatively hidden until now and has the potential of doing a lot of harm. Unfortunately, very little is known about it or how to fix it.
It doesn’t need root
One of the most interesting aspects of this Turla cd00r-based malware is that is doesn’t require elevated privileges, which is probably one of the reasons it’s so dangerous. It needs to be activated remotely with a „magic packet“ (similar to port knocking) and it needs existing network interface name. The end result is that it provides a backdoor to the user’s computer, and that the attacker can send commands with „/bin/sh -c “ script.“. It’s a little bit more complicated than this, but that is just the summary of it.