Researchers at Kaspersky Labs and Symantec have recently disclosed the discovery of an extremely complex malware that is difficult to detect for Linux systems targeted at 45 government and pharmaceutical companies around the world:
Now researchers from Moscow-based Kaspersky Lab have detected Linux-based malware used in the same campaign. Turla was already ranked as one of the top-tier APTs, in the same league as the recently disclosed Regin for instance. The discovery of the Linux component suggests it is bigger than previously thought and may presage the discovery of still more infected systems.
“The [Turla] operations are being carried out in broader environments than we previously knew,” Kaspersky Lab expert Kurt Baumgartner told Ars. “All the other stuff we’ve seen from Turla has been windows based. This piece of the puzzle shows us that they do not limit themselves.”
Full article: Powerful, highly stealthy Linux trojan may have infected victims for years from Ars Technica
While it has just been disclosed, Turla was at least known about since August. One can again wonder how long this specific vulnerability may have been known about, however it’s encouraging that the malware was disclosed early, before the complete picture was established (Related: Corporate Abuse of Our Data via Bruce Schnier).