You are not logged in.
- Topics: Active | Unanswered
#1 2022-09-06 10:42:17
- d_fajardo
- Member
- Registered: 2017-07-28
- Posts: 1,653
Any thoughts on the Shikitega malware?
I've just been reading about the Shikitega malware. I must admit I don't understand it all so just would like to hear opinions on it.
Is this severe? And how do we protect against it. There are already recommended actions on the site but any more suggestions are of course helpful.
Offline
#2 2022-09-06 11:05:03
- Slithery
- Administrator
- From: Norfolk, UK
- Registered: 2013-12-01
- Posts: 5,776
Re: Any thoughts on the Shikitega malware?
That piece of malware relies on two different exploits. One of them has already been fixed...
https://security.archlinux.org/CVE-2021-4034
and the other only applies to a Ubuntu patched kernel...
https://cve.mitre.org/cgi-bin/cvename.c … -2021-3493
I'd say there's nothing to worry about.
Offline
#3 2022-09-06 11:24:09
- Lone_Wolf
- Administrator
- From: Netherlands, Europe
- Registered: 2005-10-04
- Posts: 13,207
Re: Any thoughts on the Shikitega malware?
Looking at the article, during the first 2 stages it only needs user rights.
The vulnerabilities to elevate to root make the 3rd stage possible.
Assuming an archlinux system is fully uptodate , this malware could enter the system but not do much harm.
Disliking systemd intensely, but not satisfied with alternatives so focusing on taming systemd.
clean chroot building not flexible enough ?
Try clean chroot manager by graysky
Offline
#4 2022-09-06 12:29:36
- d_fajardo
- Member
- Registered: 2017-07-28
- Posts: 1,653
Re: Any thoughts on the Shikitega malware?
Ok, thanks for the thoughts.
Offline