Skidmap: a Linux-based malware which mines cryptocurrency on computers

philotux
Level 5
Posts: 833
Joined: Sat Jul 21, 2018 11:14 am
Location: Utopia

Skidmap: a Linux-based malware which mines cryptocurrency on computers

Post by philotux » Fri Sep 20, 2019 10:53 am

Keep up your guard folks!
Skidmap is a nasty example of advanced cryptojacking. It can burrow into a Linux kernel, survive multiple wipes, and mask its footprints using false CPU usage information and fake network traffic. A Skidmap infection is hard to shake, so do your best to prevent the initial infection.
https://www.maketecheasier.com/new-linu ... cpu-usage/

carum carvi
Level 6
Posts: 1029
Joined: Sun Apr 16, 2017 11:44 pm

Re: Skidmap: a Linux-based malware which mines cryptocurrency on computers

Post by carum carvi » Fri Sep 20, 2019 2:17 pm

Thanks for posting that link Philotux. It will keep me on guard. The article doesn't offer any particular advice for protection though, besides the warning not to download unknown files that are given root access.

The article further states: "Skidmap can also infect the kernel of the operating system, meaning it’s harder to clean it out completely. Even if the user manages it, Skidmap has many ways of sneaking around a network, meaning it can re-infect cleaned devices".

I never knew a Linux kernel could get infected. Can it really?

What I am mostly interested in is how such a malware can survive a clean up? First question: what is a "clean up"? A brand new install surely will wipe this malware off a single computer, won't it? Maybe (hopefully) Skidmap is only sneaky enough to re-emerge after a "clean up" on a network, with some hiding tricks? I don't have a network, so I hope I am safe from this nasty piece of work, when I do a new install of LinuxMint.

BigEasy
Level 6
Posts: 1257
Joined: Mon Nov 24, 2014 9:17 am
Location: Chrząszczyżewoszyce, powiat Łękołody

Re: Skidmap: a Linux-based malware which mines cryptocurrency on computers

Post by BigEasy » Fri Sep 20, 2019 2:36 pm

carum carvi wrote:
Fri Sep 20, 2019 2:17 pm
Thanks for posting that link Philotux. It will keep me on guard. The article doesn't offer any particular advice for protection though, besides the warning not to download unknown files that are given root access.
Try clicking on the clickable word "Skidmap" inside the article. Then you can read the original technical information, not just journalism.
Windows assumes I'm stupid but Linux demands proof of it

carum carvi
Level 6
Posts: 1029
Joined: Sun Apr 16, 2017 11:44 pm

Re: Skidmap: a Linux-based malware which mines cryptocurrency on computers

Post by carum carvi » Fri Sep 20, 2019 3:30 pm

Thanks for pointing me to that more detailed article Big Easy. Most of its content is too complicated for me though and I couldn't really figure out how malware could modify the Linux kernel. I always thought of the Linux kernel as a diamond core (untouchable), but I have googled a bit and Linux can (of course :( ) be easily infected IF one unknowingly installs malicious software with root access. That's really basically the same explanation I have read often before on this forum: be careful what software you install and what websites you visit. Don't go walking into dark alleyways...

Pippin
Level 4
Posts: 287
Joined: Wed Dec 13, 2017 11:14 am
Location: NL/DE/TH

Re: Skidmap: a Linux-based malware which mines cryptocurrency on computers

Post by Pippin » Fri Sep 20, 2019 3:40 pm

I always thought of the Linux kernel as a diamond core (untouchable)
You have reached the next stage in good thinking ;)
Everything is electric.

BigEasy
Level 6
Posts: 1257
Joined: Mon Nov 24, 2014 9:17 am
Location: Chrząszczyżewoszyce, powiat Łękołody

Re: Skidmap: a Linux-based malware which mines cryptocurrency on computers

Post by BigEasy » Sat Sep 21, 2019 1:20 am

carum carvi wrote:
Fri Sep 20, 2019 3:30 pm
That's really basically the same explanation I have read often before on this forum: be careful what software you install and what websites you visit. Don't go walking into dark alleyways...
Yes. There is no difference between "good" software, "bad" software (and ugly, of course). Everything is just software from the computer's point of view. Good and bad and ugly will be installed and work in the same way. Be careful!
Windows assumes I'm stupid but Linux demands proof of it
