Fancy Bear is moving into Linux malware

The NSA and FBI have released a new cybersecurity advisory warning that Russian government hackers known as Fancy Bear have begun deploying a previously undisclosed malware which targets Linux systems.

The hackers in question, also known as APT28 or Stronium, work for Russia’s General Staff Main Intelligence Directorate’s 85th Main Special Service Center (military unit 26165) and refer to their new malware strain as Drovorub. The malware is a rootkit designed to infect and take control of Linux systems in order to steal their files and Fancy Bear is using it against targets valuable to the Kremlin.

Source Article