New malware uses Windows Subsystem for Linux for stealthy attacks

<si0sqm$jh5$1@dont-email.me>

https://www.rocksolidbbs.com/computers/article-flat.php?id=55554&group=alt.comp.os.windows-10#55554

From: admin@moderated.xyz (Billy Mynews Ferrell)
Newsgroups: alt.comp.os.windows-10,alt.comp.os.windows-11
Subject: New malware uses Windows Subsystem for Linux for stealthy attacks
Date: Thu, 16 Sep 2021 20:59:42 -0500
Organization: atkan
Lines: 2
Message-ID: <si0sqm$jh5$1@dont-email.me>
Reply-To: "Billy Mynews Ferrell" <billyrayferrell.123@gmail.com>
 by: Billy Mynews Ferrell - Fri, 17 Sep 2021 01:59 UTC

By Ionut Ilascu September 16, 2021 01:33 PM

WSL

Security researchers have discovered malicious Linux binaries
created for the Windows Subsystem for Linux (WSL),
indicating that hackers are trying out new methods
to compromise Windows machines.

The finding underlines that threat actors are exploring
new methods of attack and are focusing their attention on
WSL to evade detection.

~BD~ Read More Here
<https://www.bleepingcomputer.com/news/security/new-malware-uses-windows-subsystem-for-linux-for-stealthy-attacks/>

Re: New malware uses Windows Subsystem for Linux for stealthy attacks

<si14mk$kv9$1@gioia.aioe.org>

https://www.rocksolidbbs.com/computers/article-flat.php?id=55559&group=alt.comp.os.windows-10#55559

From: nospam@needed.invalid (Paul)
Newsgroups: alt.comp.os.windows-10,alt.comp.os.windows-11
Subject: Re: New malware uses Windows Subsystem for Linux for stealthy attacks
Date: Fri, 17 Sep 2021 00:14:12 -0400
Organization: Aioe.org NNTP Server
Message-ID: <si14mk$kv9$1@gioia.aioe.org>
References: <si0sqm$jh5$1@dont-email.me>
 by: Paul - Fri, 17 Sep 2021 04:14 UTC

Billy Mynews Ferrell wrote:
> By Ionut Ilascu September 16, 2021 01:33 PM
>
>
> WSL
>
> Security researchers have discovered malicious Linux binaries
> created for the Windows Subsystem for Linux (WSL),
> indicating that hackers are trying out new methods
> to compromise Windows machines.
>
> The finding underlines that threat actors are exploring
> new methods of attack and are focusing their attention on
> WSL to evade detection.
>
> ~BD~ Read More Here
> <https://www.bleepingcomputer.com/news/security/new-malware-uses-windows-subsystem-for-linux-for-stealthy-attacks/>
>

WSL runs Linux (Bash shell) on the Windows kernel.

WSL2 runs Linux (Bash shell) on a Linux kernel, and as
far as I know, the WSL2 is in some kind of container. That
means WSL2 is virtualized and it is handled by the hypervisor.

https://en.wikipedia.org/wiki/Windows_Subsystem_for_Linux#WSL_2

"Version 2 introduces changes in the architecture. Microsoft has
opted for virtualization through a highly optimized subset of
Hyper-V features,"

The WSL2 might be more secure than the WSL, which likely
is not containerized.

Paul

Re: New malware uses Windows Subsystem for Linux for stealthy attacks

<si5edf$c61$1@hunterbd.eternal-september.org>

https://www.rocksolidbbs.com/computers/article-flat.php?id=55614&group=alt.comp.os.windows-10#55614

From: DavidB@invalid.E-S (David Brooks)
Newsgroups: alt.comp.os.windows-10,alt.comp.os.windows-11
Subject: Re: New malware uses Windows Subsystem for Linux for stealthy attacks
Date: Sat, 18 Sep 2021 20:24:28 +0100
Organization: A noiseless patient Spider
Lines: 26
Message-ID: <si5edf$c61$1@hunterbd.eternal-september.org>
References: <si0sqm$jh5$1@dont-email.me>
 by: David Brooks - Sat, 18 Sep 2021 19:24 UTC

On 17/09/2021 02:59, Billy Mynews Ferrell wrote:
> By Ionut Ilascu September 16, 2021 01:33 PM
>
>
> WSL
>
> Security researchers have discovered malicious Linux binaries
> created for the Windows Subsystem for Linux (WSL),
> indicating that hackers are trying out new methods
> to compromise Windows machines.
>
> The finding underlines that threat actors are exploring
> new methods of attack and are focusing their attention on
> WSL to evade detection.
>
> ~BD~ Read More Here
> <https://www.bleepingcomputer.com/news/security/new-malware-uses-windows-subsystem-for-linux-for-stealthy-attacks/>

I've been a subscriber at Bleeping Computer for many years, but still
thank you for your post, Billy.

Here's another forum from which I've NOT been banned. A long and
interesting thread here:-

https://www.mac-forums.com/threads/official-antivirus-malware-and-firewall-faq.245728/
