View all newsletters
Receive our newsletter - data, insights and analysis delivered to you
  1. Technology
  2. Cybersecurity
December 18, 2014

Linux platforms vulnerable to Grinch malware

It can allow attackers to remotely install applications and steal data.

By CBR Staff Writer

Cyber security firm Alert Logic has discovered a bug called Grinch, which is claimed to affect Linux based systems.

Linux systems account for more than 65% of web servers on the Internet, Alert Logic said citing a report by W3Tech.

The new bug allows attackers to carry out malicious activities on the system including remote installation of applications and theft of data.

According to the security experts, Linux based personal computers, servers and Android devices could be vulnerable to the attack.

The bug resides in the new Linux authorisation system that facilitates privilege growth through Wheel, which is a special user group that controls access to the ‘su’ command that allows one user to impersonate another user.

Alert Logic said: "When a Linux system is built, the default user is assigned to the wheel group that allows for administrative task execution within the system."

"For example, if the file is owned by user XYZ and group wheel, it will run as XYZ:wheel, no matter who executes the file."

Content from our partners
Powering AI’s potential: turning promise into reality
Unlocking growth through hybrid cloud: 5 key takeaways
How businesses can safeguard themselves on the cyber frontline reported Alert Logic threat research director Stephen Coty as saying: "anything that is set up by the Linux default settings would be affected by grinch."

"This vulnerability could allow the attacker to install any type of software they want to, meaning remote access trojans (RATs), or software where they 100 percent own that box, or software where they can exfiltrate 100 percent of the information off a [targeted] server."

"They could install anything, so the possibilities are really endless at that point."

Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how Progressive Media Investments may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.