Jan. 17 (UPI) -- Researchers have uncovered a new type of malware that can remove security features on Linux cloud servers without detection.
"During our analysis, we realized that these samples used by the Rocke group adopted new code to uninstall five different cloud security protection and monitoring products from compromised Linux servers," Unit 42 said in a statement. "In our analysis, these attacks did not compromise these security products: rather, the attacks first gained full administrative control over the hosts and then abused the full administrative control to uninstall these products in the same way a legitimate administrator would."
The goal is to gain access to computing power to mine cryptocurrency without being detected. It's one of the biggest threats to all connected devices, from mobile phones and Internet of Things devices to data centers.
The security products meant to detect these cyber invasions were developed by Tencent Cloud and Alibaba Cloud, the two leading cloud providers in China. Both are working on products to address the vulnerabilities. Unit 42 believes this is the first malware capable of targeting and removing cloud security products without anyone knowing.
This news comes as more businesses and individuals move more of their services to the cloud. The federal government is also pushing to do more on the cloud.