According to the latest report released by Kaspersky, hackers have gradually migrated their targets to Linux servers and workstations . Although Windows systems have always been the target of hackers, advanced persistent threats (APTs) have now become a serious problem in the Linux world.
Although there are so many popular examples, such as TwoSail Trash, Sofacy, and Equation, Linux systems are seldom or never addressed in the view of most users.
In fact, there are loads of webshells, backdoors and Linux-specific rootkits. A recent example of this is the backdoor of Penguin x64 Linux built by the Russian hacker Turla. Lazarus, a South Korean malware company, has also extended its Linux malware collection, using different methods for espionage and financial assaults.
Yury Namestnikov, head of the Global Research and Analysis Team (GReAT) at Kaspersky stated:
Our experts have repeatedly discovered the trend of strengthening the APT tool set in the past, and Linux-centric tools are no exception. To ensure the security of the system, IT and security departments use Linux more frequently than before. Threat actors are responding to this problem by creating sophisticated tools that can penetrate such systems. We recommend that cyber security experts take this trend into consideration and implement additional measures to protect their servers and workstations.