Tux Machines

Security and FUD: Google and Blaming Malware on "Linux"

Posted by Roy Schestowitz on Aug 15, 2022

Google Ups Its Linux Security Awards [Ed: Company that put NSA back-doored ciphers in Linux kernel tries to reinvent itself (and its reputation) as Linux security champ]

How did they get from Kubernetes to Linux? It was the next logical move. Via kCTF, researchers could use Google Kubernetes Engine (GKE) instances. If they could hack it successfully, they got a flag, and potentially some cash. But, while all way back in 1995, the Mozilla Foundation was the first organization to offer bug bounties. Now, everyone’s who anyone offers them. Google, which uses Linux in pretty much everything, is expanding its Kubernetes-based Capture-the-Flag (kCTF) project and kCTF Vulnerability Rewards Program (VRP) to pay more attention to hunting down Linux kernel bugs.

Luckymouse Uses Compromised MiMi Chat App to Target Windows and Linux Systems [Ed: This is not an OS issue, it's about people installing and running malware]

PyPI package installs cryptominer on Linux systems [Ed: This isn't a "Linux" issue; it's a "malware got installed on the OS" (in this case Linux) issue; if you install malware on your system, mal (bad) things will happen. Of course Brittany Day helped promote this FUD, unscrutinised and unchallenged.]

A malicious PyPI package was used to install a Monero cryptominer on Linux systems.