Drovorub

Drovorub (Russian: дроворуб, "woodcutter") is a for developing malware for the Linux operating system. It was created by the , a unit of the Russian GRU often referred to as APT28.^[1]^[2]

Drovorub has a sophisticated modular architecture,^[3] containing an coupled with a , a file transfer and port forwarding tool, and a command and control server.^[2] Drovorub has been described as a "Swiss-army knife for hacking Linux".^[4]

The U.S. government report that first identified Drovorub recommends the use of UEFI Secure Boot and Linux's native facility to resist Drovorub attacks.^[5]

References[]

^ "Drovourm Malware: Fact Sheet & FAQs" (PDF). nsa.gov. Retrieved 21 August 2020.
^ ^a ^b "Russian GRU 85th GTsSS Deploys Previously Undisclosed Drovorub Malware" (PDF). media.defense.gov. August 2020. Retrieved 21 August 2020.
^ Cimpanu, Catalin. "FBI and NSA expose new Linux malware Drovorub, used by Russian state hackers". ZDNet. Retrieved 2020-08-21.
^ Jerzewski, Matthew (2020-08-20). "Drovorub Malware - "Taking systems to the wood chipper"". The State of Security. Retrieved 2020-08-21.
^ "NSA and FBI expose Russian 'Drovorub' malware used to target Linux systems". www.computing.co.uk. 2020-08-14. Retrieved 2020-08-21.

This computer security article is a stub. You can help Wikipedia by .

This espionage-related article is a stub. You can help Wikipedia by .

[1] "Drovourm Malware: Fact Sheet & FAQs" (PDF). nsa.gov. Retrieved 21 August 2020.

[:0-2] "Russian GRU 85th GTsSS Deploys Previously Undisclosed Drovorub Malware" (PDF). media.defense.gov. August 2020. Retrieved 21 August 2020.

[3] Cimpanu, Catalin. "FBI and NSA expose new Linux malware Drovorub, used by Russian state hackers". ZDNet. Retrieved 2020-08-21.

[4] Jerzewski, Matthew (2020-08-20). "Drovorub Malware - "Taking systems to the wood chipper"". The State of Security. Retrieved 2020-08-21.

[5] "NSA and FBI expose Russian 'Drovorub' malware used to target Linux systems". www.computing.co.uk. 2020-08-14. Retrieved 2020-08-21.

[1]

[2]

[3]

[4]

[5]