New Linux malware is controlled through emojis sent from Discord - eviltoast

A newly discovered Linux malware dubbed ‘DISGOMOJI’ uses the novel approach of utilizing emojis to execute commands on infected devices in attacks on government agencies in India.

    • sugar_in_your_tea@sh.itjust.works
      link
      fedilink
      English
      arrow-up
      2
      arrow-down
      1
      ·
      6 months ago

      Especially Linux malware. It’s not a huge target, so it’s likely to be low effort stuff like this instead of zero-days attacking some linux-specific API. That level of attack is reserved for higher value targets, like servers and windows.

      • KISSmyOSFeddit@lemmy.world
        link
        fedilink
        English
        arrow-up
        5
        ·
        6 months ago

        It’s not a huge target

        I never understood that claim. Most of the internet, most servers and most machine controllers, as well as most cloud services (including Microsoft Azure) run on Linux.
        It’s the biggest target in the world.

        • sugar_in_your_tea@sh.itjust.works
          link
          fedilink
          English
          arrow-up
          5
          ·
          6 months ago

          Linux servers are, and I specifically called that out. The types of attacks you use against a server are very different than attacks against a desktop. Most desktops don’t run web servers, and most servers don’t run discord or web browsers.

          So linux desktops should see a lot fewer attacks than servers because the value of successfully attacking them is much lower. As that changes, so will the amount of malware targeting linux desktops.

        • sugar_in_your_tea@sh.itjust.works
          link
          fedilink
          English
          arrow-up
          1
          ·
          edit-2
          6 months ago

          Exactly, because they’re high value targets, as I mentioned. But they’re going to use more exotic exploits than an attack on linux desktops, because the expected return vs work to get the exploit makes more sense. Grandma isn’t likely using linux to access her bank account, but she is likely accessing a linux server.