You are not logged in.

#1 2022-09-06 10:42:17

d_fajardo
Member
Registered: 2017-07-28
Posts: 1,563

Any thoughts on the Shikitega malware?

I've just been reading about the Shikitega malware. I must admit I don't understand it all so just would like to hear opinions on it.
Is this severe? And how do we protect against it. There are already recommended actions on the site but any more suggestions are of course helpful.

Offline

#2 2022-09-06 11:05:03

Slithery
Administrator
From: Norfolk, UK
Registered: 2013-12-01
Posts: 5,776

Re: Any thoughts on the Shikitega malware?

That piece of malware relies on two different exploits. One of them has already been fixed...
https://security.archlinux.org/CVE-2021-4034
and the other only applies to a Ubuntu patched kernel...
https://cve.mitre.org/cgi-bin/cvename.c … -2021-3493

I'd say there's nothing to worry about.


No, it didn't "fix" anything. It just shifted the brokeness one space to the right. - jasonwryan
Closing -- for deletion; Banning -- for muppetry. - jasonwryan

aur - dotfiles

Offline

#3 2022-09-06 11:24:09

Lone_Wolf
Member
From: Netherlands, Europe
Registered: 2005-10-04
Posts: 11,868

Re: Any thoughts on the Shikitega malware?

Looking at the article, during the first 2 stages it only needs user rights.
The vulnerabilities to elevate to root make the 3rd stage possible.

Assuming an archlinux  system is fully uptodate , this malware could enter the system but not do much harm.


Disliking systemd intensely, but not satisfied with alternatives so focusing on taming systemd.


(A works at time B)  && (time C > time B ) ≠  (A works at time C)

Offline

#4 2022-09-06 12:29:36

d_fajardo
Member
Registered: 2017-07-28
Posts: 1,563

Re: Any thoughts on the Shikitega malware?

Ok, thanks for the thoughts.

Offline

Board footer

Powered by FluxBB