Linux Backdoor Doesn’t Need Root Privileges
Researchers have discovered a new backdoor called Fysbis that targets Linux machines. The new malware has extremely sophisticated properties, and experts suspect it might have come from the APT 28 cyber-espionage group, which reportedly has ties to Russia.
One insidious quality of Fysbis is that it doesn't require root access to start working for the attacker. The malware is apparently able to enter the system at a lower privilege level and begin reconnaissance, performing tests and sending information back to a remote command-and-control center with clues about how to escalate privileges. According to a report at TechWorm, Fysbis can “… open a remote shell on the infected machine, run commands on the attacker's behalf, find, read, save, execute, or delete files, and log keyboard input.”