Newly found Lightning Framework Offers a Plethora of Linux Hacking

upnorth

upnorth

Moderator
Thread author
Verified
Staff Member
Malware Hunter
Well-known
Jul 27, 2015
5,459
Content source
https://arstechnica.com/information-technology/2022/07/newly-found-lightning-framework-offers-a-plethora-of-linux-hacking-capabilities/
The software framework has become essential to developing almost all complex software these days. The Django Web framework, for instance, bundles all the libraries, image files, and other components needed to quickly build and deploy web apps, making it a mainstay at companies like Google, Spotify, and Pinterest. Frameworks provide a platform that performs common functions like logging and authentication shared across an app ecosystem.

Last week, researchers from security firm Intezer revealed the Lightning Framework, a modular malware framework for Linux that has gone undocumented until now. Lightning Framework is post-exploit malware, meaning it gets installed after an attacker has already gained access to a targeted machine. Once installed, it can provide some of the same efficiencies and speed to Linux compromises that Django provides for web development. “It is rare to see such an intricate framework developed for targeting Linux systems,” Ryan Robinson, a security researcher at Intezer, wrote in a post. “Lightning is a modular framework we discovered that has a plethora of capabilities, and the ability to install multiple types of rootkit, as well as the capability to run plugins.”
Click to expand...
Lightning consists of a downloader named Lightning.Downloader and a core module named Lightning.Core. They connect to a designated command and control server to download software and receive commands, respectively. Users can then run any of at least seven modules that do all kinds of other nefarious things. Capabilities include both passive and active communications with the threat actor, including opening a secure shell on the infected machine and a polymorphic malleable command.

The framework has both passive and active capabilities for communication with the threat actor, including opening up SSH on an infected machine, and support for connecting to command and control servers that use malleable profiles. Malware frameworks have existed for years, but there aren’t many that provide so much comprehensive support for the hacking of Linux machines.
Click to expand...
arstechnica.com

Newly found Lightning Framework offers a plethora of Linux hacking capabilities

This modular malware framework for Linux has gone undocumented until now.
arstechnica.com arstechnica.com
 
  • Like
  • Wow
Reactions: Gandalf_The_Grey, [correlate], silversurfer and 2 others
You must log in or register to reply here.

Similar threads

[correlate]
    • Like
PhonyC2: Revealing a New Malicious Command & Control Framework by MuddyWater
Replies
0
Views
1,043
News Archive
[correlate]
[correlate]
Gandalf_The_Grey
    • Like
    • +Reputation
EU Digital Identity framework (eIDAS) another kind of chat control?
Replies
0
Views
583
News Archive
Gandalf_The_Grey
Gandalf_The_Grey
vtqhtr413
    • Like
Framework’s GitHub gives us more reasons to be excited about the 16-inch modular laptop.
Replies
0
Views
407
News Archive
vtqhtr413
vtqhtr413

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top