This virus is related to the group known as APT28 Fancy Bear, which acts against government offices, political parties, and defense
departments around the world.   - Ministry of Science, Technology and Telecommunications courtesy photo -















Published Thursday, August 20, 2020

FBI and NSA warn of
Drovorub malware



By the A.M. Costa Rica staff

The Ministry of Science, Technology and Telecommunications received the alert issued by the National Security Agency (NSA) and the Federal Bureau of Investigation (FBI), about the spread of a virus called Malware Drovorub.

According to the ministry, this virus is related to the group known as APT28 Fancy Bear, which acts against government offices, political parties, and defense departments around the world.

The Malware Drovorub attacks Linux-based systems that are out of date. The goal of the virus is to steal information, they said.

"To avoid possible infection, the computer system manager has to update the Linux kernel to version 3.7," the ministry experts said. "It is also necessary to configure the system to exclusively load modules that have a valid digital signature, which is complemented by the Secure Boot by UEFI (Unified Extensible Firmware Interface)."

According to the ministry, the U.S. authorities warn that the Drovorub attacks could be related to an attempt to hack the " IoT devices" in order to gain access to larger networks.

Ministry specialists give the following recommendations to avoid risks of infection in computer systems with this new virus:

• Update all your servers.

• All computer systems must be updated.

• Update the Linux kernel to version 3.7. or higher.

• Change or update the passwords of the servers, reinforcing their security (which includes uppercase and lowercase letters, special characters, numbers and at least 12 digits in length).

• Monitor the transfer of data from the internet network to verify that there is no unusual behavior.

More information about this new virus can be reached by sending an email to the following email address: ministry@micitt.go.cr






-------------------------------
What other advice would you give to avoid getting the computer infected with a virus?   
We would like to know your thoughts on this story. Send your comments to news@amcostarica.com