NSA and FBI jointly reveal Drvorub, a malicious Linux system built in Russia

Earlier, the US National Security Agency ( NSA) and the Federal Investigation Bureau (FBI) released a press release jointly exposing the malware tools used by Russian military hackers in cyber espionage.

In the comprehensive report published Thursday, hackers working for Russia’s General Staff’s

Army Special Service Center (Unit 26165) used a malware program called “Drovorub” to directly launch attacks
on Linux networks.

These hackers are also referred to as APT28, or Fancy Bear.
In 2016 they invaded the Democratic National Committee and frequently launched attacks on defence, government, aerospace, and other areas.

Although the alert did not contain specific details about the “Drovorub” victims, US officials said they had issued alerts this Thursday to multiple agencies to raise awareness of hacking and vulnerabilities in the defense sector.

In the study, the National Security Agency and the FBI stated:
The malware posed a threat because Linux applications are commonly used in the US national security infrastructure, the Department of Defense and the National Defense Industrial Base.”