APT Groups Increasingly Targeting Linux-Based Devices


Level 69
Content Creator
Malware Hunter
Aug 17, 2014
APT groups are increasingly executing targeted attacks against Linux-based devices as well as developing more Linux-focused tools, according to an investigation by Kaspersky.

This is as a result of a growing number of organizations’ selecting Linux ahead of Windows to run their strategically important servers and systems, and the perception that the Linux operating system is safer and less likely to be targeted by malware as it is less popular.

However, threat-actors have been observed to adapt their tactics to take advantage of this trend, and Kaspersky noted that “over a dozen APT actors have been observed to use Linux malware or some Linux-based modules” during the past eight years.

These include notorious groups such as Turla, Lazarus, Barium, Sofacy, the Lamberts and Equation. Kaspersky highlighted the example of Russian speaking APT group Turla using Linux backdoors as part of its changing toolset in recent years.

The cybersecurity company added that while targeted Linux-based systems are still uncommon, there is still malware designed to target them, including webshells, backdoors, rootkits and even custom-made exploits.
Full report by researchers (Kaspersky): An overview of targeted attacks and APTs on Linux


Level 85
Content Creator
Jul 3, 2015
Fortunately for us, home users are not usually targetted. We aren't worth the money and the effort. With so many people working at home, I am reading reports that hackers try to break into home networks in order to gain a foothold into the remote corporate network. But even so, I think they will probably leave the home user alone when they don't find what they are looking for.