New 'Plague' Attack Targets Linux Servers, Bypasses 66 Antivirus Engines

A new cyberattack dubbed "Plague" has emerged, targeting Linux servers with the aim of establishing persistent SSH access. This attack is notable for its ability to evade detection by 66 antivirus engines, highlighting its sophisticated nature. The primary impact is the compromise of Linux server security, enabling attackers to maintain unauthorized access. The evasion of multiple antivirus solutions suggests the use of advanced techniques, potentially including zero-day exploits or rootkits. For cybersecurity professionals, this underscores the necessity of adopting a defense-in-depth approach. Traditional antivirus solutions alone are insufficient; organizations should implement behavioral analysis, anomaly detection, and regular audits of SSH access logs. Additionally, network segmentation and multi-factor authentication for SSH access are recommended. This attack serves as a stark reminder of the evolving threat landscape and the need for continuous vigilance and adaptation in cybersecurity practices.