Escuche esta historia

--:--

3:50

What is Symbiote? A virus that affects Linux

Andy Vilchez
4 min de lectura
What is Symbiote? A virus that affects Linux – Technology – WebMediums
Symbiote is a Linux virus discovered by Blackberry and which is very dangerous.

It is believed that Linux-based operating systems are not prone to viruses, however, this is not true. Just as there are viruses for Windows, there are viruses for Linux, only these are less frequent. However, saying that it is less frequent does not mean that the probability is nil.

This time we are going to talk about a recent and dangerous virus that has been affecting Linux for some time. We are specifically talking about Symbiote, a virus detected a few days ago by Blackberry and that can be quite dangerous for the system.

What is Symbiote?

What is Symbiote? A virus that affects Linux – Technology – WebMediums
This virus is capable of stealing banking credentials on the infected device.

This is a new virus that could be considered a "parasite", since it infects computers silently. During the infection, it extracts information such as credentials without the person being aware of it.

This virus can be in the person's computer for a long time, since it acts stealthily and does not affect the operation of the computer at all. This makes it very difficult to detect and can act with impunity.

Blackberry, the company that detected the virus, has issued a statement explaining how Symbiote works. This statement says the following:

What makes this virus different from other Linux malware is that it acts in a way that we have not seen before. It needs to infect other processes in order to cause damage to infected computers.Unlike others, this is not an executable file that affects the computer when opened, but rather a library of objects in the operating system itself. It uses LD_PRELOAD (T1574.006) to be able to infect the computer(s) in a parasitic way.Once it infects running processes, it becomes a rootkit, which has the ability to harvest credentials and even grant remote access to the attacker.

In this sense, we have that this virus hides among the computer's own files and remains hidden while it steals information. It is often "hooked" into libc and libpcap, thus preventing it from being found.

According to Blackberry, this is malware that is very elusive, so detecting it is extremely difficult. Its function is to steal credentials while acting as a backdoor for infected computers.

The malware also uses the Berkeley Packet Filter feature in order to hide malicious traffic. This makes it even more difficult to detect it and an exhaustive search is required to know if it is infected or not.

At the moment there is no effective solution against this virus, but it is expected that in the coming days or weeks we can see security patches being released that can correct this serious vulnerability in systems.

When was this virus detected?

What is Symbiote? A virus that affects Linux – Technology – WebMediums
The virus was detected a few months ago.

From what has been known, this virus was detected for the first time a few months ago, to be more specific, we are talking about the month of November 2021.

Once you are infected by this malware, it hides itself in such a way that it cannot be detected. According to Blackberry, the objective of this virus would be to attack the Latin American financial sector. In other words, its main objective is to steal bank credentials and any other financial instrument such as cryptocurrency wallets and more.

At the moment, Symbiote has been detected on a small number of computers, so it hasn't been a big problem. However, it is not ruled out that it could be used to carry out large-scale attacks.

What are the recommendations against these threats?

What is Symbiote? A virus that affects Linux – Technology – WebMediums
Prevention is the best weapon you have against a computer virus.

Faced with this type of virus there are not many more things to do, except to prevent. That is why there are several things you can do to try to prevent and avoid being a victim of this or any other virus on your computer.

The main thing you should do is keep your equipment always up to date. From time to time improvements and security patches are released that correct vulnerabilities in the system. So make sure you always keep your computer up to date to avoid any inconvenience.

Similarly, it is important that you avoid downloading files from sites of dubious origin. Just as you have to be careful with links in emails that you don't know about.

Cybercriminals take advantage of any carelessness you have in order to infect your computer. Although Linux is less prone to these viruses, the truth is that they are not exempt. The best way to avoid being a victim of malware is with prevention.

Responses