Kobalos, the cross-platform malware that attacks Linux supercomputers



Kobalos was, in Greek mythology, a small, malevolent creature devoted to deceiving and frightening mortals. That is the name given to the trojanized version of the OpenSSH software being used to compromise Linux supercomputers, which make up the majority, and other notable targets.



The cybersecurity company ESET has analyzed this malware and describes it as "small, but complex". It's cross-platform, running on systems like Linux, BSD, Solaris, and possibly AIX and Windows, and it's essentially targeting high-performance computing clusters.






Kobalos, a "small, but complex" piece of malware, targets high-performance computing clusters and other high-profile targets.




Government systems, universities and service providers suffer its effects





Figure 1. Sector and region of the organizations covered. / ESET



Researchers from the Slovak company have observed that the types of targets change depending on the location in which this malicious program operates.



In North America, for example, its targets have been government systems and endpoint security providers. In Europe, university networks and, specifically, high-performance computing clusters have been among the targets. In Asia, it has acted against a large internet service provider.




In Europe, Kobalos has focused on university networks and supercomputer clusters

















Kobalos is being used primarily to steal SSH credentials from supercomputers, as ESET found by reverse engineering it and tracking down potential victims. It provides remote access to the file system, can spawn terminal sessions, and allows connections to be proxied to other infected servers.



What is not known, for now, is the specific purpose of these attacks or who is behind them.



This malware has a level of sophistication that is unusual in Linux malware, and the researchers responsible for the finding recommend enabling two-step authentication when connecting to SSH servers.
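
On an OpenSSH server, the two-step authentication recommendation above can be checked by auditing sshd_config for an AuthenticationMethods setting that requires two different methods. The script below is an added example, not ESET's code or part of the original article; the sample configurations are constructed, the function names are hypothetical, and only the global section of the file is evaluated.

```python
import re

# Constructed sample: password OR key, so one stolen credential is enough.
SAMPLE_WEAK = """\
PasswordAuthentication yes
PubkeyAuthentication yes
"""

# Constructed sample: key AND a PAM-driven second step are both required.
SAMPLE_STRONG = """\
PubkeyAuthentication yes
KbdInteractiveAuthentication yes
UsePAM yes
AuthenticationMethods publickey,keyboard-interactive:pam
"""

def global_settings(text):
    """Return ({keyword: value}, has_match) for the global section.
    sshd uses the first value it sees for a keyword; keywords are case-insensitive."""
    settings, has_match = {}, False
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        m = re.match(r"(\w+)\s*=?\s*(.*)", line)
        if not m:
            continue
        key, value = m.group(1).lower(), m.group(2).strip()
        if key == "match":            # global section ends at the first Match block
            has_match = True
            break
        settings.setdefault(key, value)
    return settings, has_match

def audit(text):
    """List reasons why the config does not enforce two different methods."""
    settings, has_match = global_settings(text)
    # Default is "any": a single successful method completes the login.
    alternatives = settings.get("authenticationmethods", "any").split()
    findings = []
    for alt in alternatives:          # space-separated lists are alternatives (OR)
        # Comma-separated methods must all succeed (AND); drop ":submethod" suffixes.
        methods = {m.split(":", 1)[0] for m in alt.split(",")}
        if len(methods) < 2:
            findings.append(f"'{alt}' does not require two different methods")
    if has_match:
        findings.append("Match blocks present: review their AuthenticationMethods")
    return findings

if __name__ == "__main__":
    for name, cfg in (("weak", SAMPLE_WEAK), ("strong", SAMPLE_STRONG)):
        print(name, audit(cfg) or "two different methods required")
```

A clean result only shows that sshd demands two methods; whether keyboard-interactive is a real second factor depends on the PAM configuration behind it.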