• Linux : CronRAT malware hides behind February 31st

    Home » Forums » Cyber Security Information and Advisories » Code Red – Security/Privacy advisories » Linux : CronRAT malware hides behind February 31st


    RAT – remote access trojan.


    In the run-up to Black Friday, Sansec discovered a sophisticated threat that is packed with never-seen stealth techniques. This malware, dubbed “CronRAT”, hides in the Linux calendar system on February 31st. It is not recognized by other security vendors and is likely to stay undetected on critical infrastructure for the coming months. CronRAT enables server-side Magecart data theft which bypasses browser-based security solutions…

    At this time of year we typically see a surge in eCommerce attacks and new malware. Last week we analyzed a clever malware attacking online stores..

    Sansec found CronRAT to be present on multiple online stores, among them a nation’s largest outlet. ..

    CronRAT’s main feat is hiding in the calendar subsystem of Linux servers (“cron”) on a nonexistant day. This way, it will not attract attention from server administrators. And many security products do not scan the Linux cron system…

    Reply To: Linux : CronRAT malware hides behind February 31st

    You can use BBCodes to format your content.
    Your account can't use all available BBCodes, they will be stripped before saving.

    Your information: