New “Lightning Framework” malware targets Linux systems, installs rootkits

On Thursday, a new and previously undisclosed malware called “Lightning Framework” was revealed. It targets Linux systems and can be used to backdoor infected devices over SSH and to deploy multiple types of rootkits.

Lightning Framework is modular malware that also supports plugins.

“The framework has both passive and active capabilities for communication with the threat actor, including opening up SSH on an infected machine, and a polymorphic malleable command and control configuration,” said Intezer security researcher Ryan Robinson, as quoted by Bleeping Computer.

The malware has not yet been spotted in the wild, and some of its components (referenced in the source code) are yet to be discovered and analyzed.

According to Bleeping Computer, Lightning Framework has a simple structure: a downloader component downloads and installs the malware’s other modules and plugins, including its core module, on compromised Linux devices.

To avoid detection on infected systems, the malware uses typosquatting and masquerades as the Seahorse GNOME password and encryption key manager.

“After reaching out to its command-and-control (C2) server over TCP sockets using C2 info stored in undetectable polymorphic encoded configuration files, Lightning Framework fetches its plugins and the core module,” according to Bleeping Computer.



