The web is full of amazing things that can leave you enthralled from sunrise to sunset. The lure of social media is so strong that it is almost impossible to ignore. Then there are opportunities for work and business that only the web can offer. We love posting pictures on social media and relish the likes we get from family and friends. Our digital machines serve not only as portals to the web but also as storage for our most important files. But as the digital world continues to grow and improve, the threat of cyber criminals grows even stronger and more menacing than ever.
The world thinks that Macs and Linux PCs are immune to these attacks, but as the days go by, we become more aware that this is not entirely true. These gadgets can also be hacked, although not as easily as most Windows-powered computers. Yet knowing how lucrative this market is and how affluent most of its users are, cyber criminals are busy devising malware that can infect these high-end computers for profit.
WikiLeaks today revealed 3 new hacking tools built by the CIA that target Mac and Linux computers. The leaked hacking tools are supposedly related to the CIA’s so-called Imperial project.
The first hacking tool, called Achilles, is probably the most interesting of the three. Achilles can be used by CIA operators to essentially pack malicious applications with an actual macOS app (.dmg) for one-time execution. Once a user installs the infected file, the malicious app would run in the background without the user noticing its execution, and it’ll also self-destruct, leaving the actual application looking untouched. The first version of Achilles was built back in 2011, tested only on macOS’ Snow Leopard (10.6).
The second and third tools are known as SeaPea and Aeris, respectively. SeaPea can be used by CIA operators to get low-level access to a Mac without the user even realizing, and the only way to completely get rid of the tool would require the user to completely format their main drive. Similar to Achilles, SeaPea was also developed in 2011 and tested on macOS’ Snow Leopard (10.6) and Lion (10.7). Aeris, on the other hand, is apparently built to backdoor Linux and affects Debian, CentOS, and Red Hat.
The world was shaken when WannaCry came like a thief in the night and crippled big companies and institutions for days. However, it mostly affected older versions of Windows PCs. Yet Macs also have Fruitfly, for instance, a malware capable of performing advanced surveillance on macOS gadgets. This very same malware also wreaks havoc on Linux PCs. It is a good thing that a simple device update can save you from a major headache, unless your gadget has already been infected.
Last month, a group of attackers exploited a vulnerability in the Samba file-sharing software to hack into Linux systems and install malware. The same group is now targeting Windows systems with a new backdoor program.
The newly discovered malicious program has been dubbed CowerSnail by researchers from antivirus vendor Kaspersky Lab. They believe it was created by the same attackers who installed cryptocurrency mining software on Linux computers in early June because it shares the same command-and-control server.
The June attack campaign took advantage of a remote code execution vulnerability known as SambaCry that affected all Samba versions released over the past seven years. Samba is a software package for Unix-based systems that implements the SMB network protocol. It is used to share files between computers on local networks.
Cyber criminals never stop looking for vulnerabilities in systems that they can take advantage of and make money from. Linux is one of the latest victims: these criminals hacked the Samba file-sharing software in order to install malware on Linux, which, alongside Macs, used to be so safe from cyber attacks but is not anymore. By doing so, cyber-hackers can mine digital currencies like Bitcoins etc. through the compromised computers they have taken control of. The frightening part here is the big possibility that these criminals can create more malware using this platform, a big reason for worry among Linux users, who used to feel so safe and secure, unlike most Windows users.