274
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
this post was submitted on 29 Oct 2023
274 points (93.9% liked)
Technology
58133 readers
5693 users here now
This is a most excellent place for technology news and articles.
Our Rules
- Follow the lemmy.world rules.
- Only tech related content.
- Be excellent to each another!
- Mod approved content bots can post up to 10 articles per day.
- Threads asking for personal tech support may be deleted.
- Politics threads may be removed.
- No memes allowed as posts, OK to post as comments.
- Only approved bots from the list below, to ask if your bot can be added please contact us.
- Check for duplicates before posting, duplicates may be removed
Approved Bots
founded 1 year ago
MODERATORS
this makes use of an old windows specific vulnerability. Linux is only mentioned on the title, not again in the whole article. clickbait.
edit: downvote me if you want, but the original article didn't say a thing about Linux.
https://www.bleepingcomputer.com/news/security/stripedfly-malware-framework-infects-1-million-windows-linux-hosts/
That's from a completely different article.
And it doesn't say how this is achieved without already having root privilegies. I'm not sure I believe this can in fact infect a Linux system, except if it's already heavily compromised, for instance by a user logging in as root as default.
Maybe if root is shared via SMB1 and is rw
Not possible AFAIK, I don't use anything Microsoft, but AFAIK SMB1 shares on Linux are through Samba, and you can't just enable write permissions without root. So as I stated before, the Linux system needs to be already compromised.
Users can configure the system however they want.