New Linux Malware Hides in Cron Jobs with Invalid Dates

Share post:

Security researchers recently discovered a new, clever remote access trojan (RAT) for Linux that almost has an almost invisible profile by hiding in tasks that are supposed to be executed on February 31 – a day that obviously does not exist.

Known as CronRAT, the malware targets web shops and allows attackers to commit credit card data theft by using online scrapers on Linux servers.

CronRAT has problems with the Linux task scheduling system cron, which allows scheduling tasks to be performed on non-existent calendar days such as February 31.

The Linux cron system accepts dates as long as the format is valid, even if the date does not exist – which means that the task is not executed.

The Dutch cyber security firm Sansec reported that the malicious software hides a “sophisticated Bash program” in the name of planned tasks.

“The CronRAT adds tasks to crontab with a peculiar date specification: 52 23 31 2 3. These lines are syntactically valid, but would result in a runtime error when executed. However, this will never take place as they are scheduled to run on February 31st,” the Sansec researchers explain.

With the VirusTotal scan service, 58 antivirus engines did not detect it in the system.

For more information, you may view the original story from TechRepublic.

Featured Tech Jobs

SUBSCRIBE NOW

Related articles

Cyber Security Today, Week in Review for Friday, December 8, 2023

This episode features discussion on cyber attacks against OT networks, the discovery of exposed servers with medical images and  why outdated Microsoft Exchange servers are s

Canadian mid-sized firms pay an average $1.13 million to ransomware gangs

Survey for Palo Alto Networks also shows fewer firms willing to pay da

Cyber Security Today, Dec. 8, 2023 – Ransomware is increasingly impacting OT systems, and more

This episode reports on how hackers break into AWS cloud instances, fake anti-Ukraine online ads  using photos of celebrities

Canadian privacy czars release principles for responsible development of AI

The principles remind AI developers they have to follow Canadian data pr

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways