Researchers from Palo Alto Networks see an increase in Linux malware for IoT devices.

Palo Alto research arm UNIT 42 reports an increase in Linux malware hiding in fake PDF documents.

Why PDF

Two out of three hackers use a PDF to inject malware into a network. The documents often have a recognizable name with a word related to finance. PDF is a popular format because people know and trust files with this output. That’s in Network Threat Report by UNIT 42 researchers at Palo Alto Networks.

According to UNIT 42, employees are usually the weakest link in a company and hackers take advantage of this. In the case of attachments, i.e. documents of any kind, vigilance is always required. Another golden piece of advice is that businesses should always be up to date to avoid gaps as much as possible.

Dangerous trends

The report also looks at the origin of the malware. UNIT 42 identified the ten largest groups, of which Ramnit appears to be the largest “family” in 2022. This is a computer worm that can copy itself and has already struck millions of times.

Another trend highlighted by the research is the increase in Linux malware. This can be explained by the fact that mobile devices often run on Unix operating systems and thus represent interesting new targets for cyber attackers. The biggest threat to Linux systems is botnets of the Mirai family. It is a network of infected computers that targets IoT devices

Palo Alto itself does not stand still. The company recently enhanced its SASE solution with AI, and late last year the cybersecurity company unveiled an entirely new SIEM solution.