Linux devices are under attack by a never-before-seen worm

Based on Mirai malware, self-replicating NoaBot installs cryptomining app on infected devices.

https://arstechnica.com/security/2024/01/a-previously-unknown-worm-has-been-stealthily-targeting-linux-devices-for-a-year/Open link View original on mbin.grits.dev

112

Comments17

Kairos

lemmy.today

the NoaBot targets weak passwords connecting SSH connections.

Harden your configs people.

AllowUsers is a really goood one.

𝓢𝓮𝓮𝓙𝓪𝔂𝓔𝓶𝓶 reply

lemmy.procrastinati.org

Or just don't allow password auth at all.

jose1324 reply

lemmy.world

Or just have a good password

𝓢𝓮𝓮𝓙𝓪𝔂𝓔𝓶𝓶 reply

lemmy.procrastinati.org

If we're going to play that game. Require an Ed25519 key with a strong password.

lemmyng reply

lemmy.ca

Or ed25519-sk.

mozz reply

mbin.grits.dev

(In this case the "wrench" is just breaking into some weak link that isn't ssh, once your password is strong to not be a weak link)

flambonkscious

sh.itjust.works

Akamai has published an extensive library of indicators that people can use to check for signs of NoaBot on their devices (https://github.com/akamai/akamai-security-research/tree/main)

GCs those Akamai folks...

randomperson reply

lemmy.today

What does GC stand for? https://www.acronymfinder.com/Slang/GC.html

flambonkscious reply

sh.itjust.works

Good cunts - it's originally an Aussie term of endearment, as far as I'm aware

SpongeBorgCubePants reply

lemmy.world

Garbage Collection

reflex reply

kbin.social

sir_pronoun reply

lemmy.world

In this context i'm going with Game Chick from that list, because none make sense to me.

massive_bereavement reply

kbin.social

Game Cube

LanternEverywhere reply

kbin.social

Group chat?

https://www.urbandictionary.com/define.php?term=gc

randomperson reply

lemmy.today

here's a link to the script. its nothing fancy, but makes it easy to check: https://github.com/akamai/akamai-security-research/blob/main/malware/noabot/noabot_detect.sh

reflex reply

kbin.social

Dingaling

lemmy.ml

Very poor title, like someone's just got their "Big Book of Clickbait"

Everything is under attack all the time, and everything is never-before-seen until it's seen.

UnfortunateShort

lemmy.world

I love how in security, we have gone from "use strong passwords" to "don't make your own passwords", because people will just refuse to learn.

sugar_in_your_tea reply

sh.itjust.works

What are you talking about, "Hunter2!" is a fantastic password. It has a capital letter, a number, a special character, and is 8+ characters long, so it works for my bank accounts. What more could you want!

Seriously though, just use a password manager. It's easier than trying to find a password that works everywhere, and easier than trying to remember a bunch of different (but probably very similar) passwords. I just remember 3 passwords: password manager, email (for password recovery if the password manager goes down), computer login. That's it, and I have well over a hundred accounts.