The software framework has become essential to developing almost all complex software these days. The Django Web framework, for instance, bundles all the libraries, image files, and other components needed to quickly build and deploy web apps, making it a mainstay at companies like Google, Spotify, and Pinterest. Frameworks provide a platform that performs common functions like logging and authentication shared across an app ecosystem.

Last week, researchers from security firm Intezer revealed the Lightning Framework, a modular malware framework for Linux that has gone undocumented until now. Lightning Framework is post-exploit malware, meaning it gets installed after an attacker has already gained access to a targeted machine. Once installed, it can provide some of the same efficiencies and speed to Linux compromises that Django provides for web development.

“It is rare to see such an intricate framework developed for targeting Linux systems,” Ryan Robinson, a security researcher at Intezer, wrote in a post. “Lightning is a modular framework we discovered that has a plethora of capabilities, and the ability to install multiple types of rootkit, as well as the capability to run plugins.”

Lightning consists of a downloader named Lightning.Downloader and a core module named Lightning.Core. They connect to a designated command and control server to download software and receive commands, respectively. Users can then run any of at least seven modules that do all kinds of other nefarious things. Capabilities include both passive and active communications with the threat actor, including opening a secure shell on the infected machine and a polymorphic malleable command.