Linux's Evolving Threat Landscape: Supply Chains, Proxyjacking, and Zero-Days - VMRay

Supply Chains, Proxyjacking, and Zero-Days: 
Linux’s Evolving Threat Landscape

Q4 – 2023

Decode Linux’s evolving threats, from supply-chain attacks to zero-day vulnerabilities. Explore the surge in proxyjacking and DDoS assaults, navigating the complexities of IoT device security.

Table of Contents

In Q4 of 2023, the Linux threat landscape displayed noteworthy developments, particularly in supply-chain attacks.

Supply-Chain Attack on ‘Ledger dApp Connect Kit’ Library

A significant incident unfolded with a supply-chain attack on the ‘Ledger dApp Connect Kit’ library. Attackers injected malicious code into the library, allowing them to pilfer $600,000 in cryptocurrency and NFTs from wallets linked to compromised dApps.

This attack underscores the increasing sophistication of threats targeting Linux environments, especially in the context of cryptocurrency.

Rise in Proxyjacking and DDoS Attacks

Linux as well as MacOS devices have become prime targets for proxyjacking, where attackers sell access to compromised devices as network proxies. Moreover, these devices are now weaponized for Distributed Denial of Service (DDoS) attacks.

Surge in Attacks on IoT Devices

IoT devices, known for weaker security measures and widespread global use, have experienced a significant upswing in attacks, reportedly witnessing a ten-fold increase. 

The prevalence and diverse architectures of IoT devices, many not operating on the x86 architecture, add complexity to the analysis of malware targeting them. While emulation can aid in analysis, it’s not universally supported and may yield uncertain effectiveness.

Zero-Day Vulnerabilities and the Emergence of ‘InfectedSlurs’

Zero-day vulnerabilities remain a substantial threat in Linux environments. An illustrative example is the emergence of ‘InfectedSlurs,’ a new Mirai-based botnet malware exploiting two zero-day remote code execution (RCE) vulnerabilities to compromise network video recorders (NVRs) and routers. ‘InfectedSlurs’ harnessed these devices, integrating them into a DDoS swarm, presumably for profit.

VMRay Malware & Phishing Threat Landscape – Q4/2023

Next Chapter: 
Evolving phishing threats

See VMRay in action.
Secure your organization against evolving Linux threats.

Further resources


Key forces shaping the future of security automation

Watch the full recording from the our webinar featuring Forrester


Explore VMRay’s seamless integrations

Explore all security automation use cases that help you can benefit.


VMRay Professional Services

Learn how VMRay supports deployment, configurations, integrations & more.

Calculate how much malware false positives are costing your organization:
Malware False Positive Cost Calculator