• rastilin
    link
    fedilink
    1610 months ago

    I think the fundamental protection is always going to be the firewall that blocks all incoming connections unless you explicitly open a port for a running server.

    It’s frustrating that the article doesn’t have much information about the delivery method for this attack. Is it a remote connection, or you have to run it locally and it escalates privileges?

    • @Qvest@lemmy.world
      link
      fedilink
      English
      1010 months ago

      researchers from security firm Trend Micro found an encrypted binary file on a server known to be used by a group they had been tracking since 2021

      Sounds like it targets servers specifically, so desktop users should be safe