How 'Kobalos' malware compromises supercomputers and other high-performance systems (Source: ESET)
A newly identified Linux malware variant dubbed "Kobalos" is targeting high-performance computing clusters and supercomputers running multiple operating systems, a new report by security firm ESET finds.
Kobalos functions primarily as a backdoor and is designed to steal SSH credentials - aka Secure Shell or Secure Socket Shell - a cryptographic network protocol for providing secure remote login, even over unsecured networks.
ESET notes Kobalos is "generic malware," but a highly versatile Linux strain and is equipped with a unique infrastructure - most notably, its command-and-control structure.
"The fact that any system compromised with Kobalos can be turned into a C&C server of other compromised hosts is quite unique," says Marc-Etienne M. Léveillé, a senior malware researcher with ESET and a co-author of the report. "The code for running such a server is in the malware itself. They are also using other Kobalos-infected hosts to control the backdoor."