Attack details
Nov 6, 2023, 9:28pm UTC
https://www.bleepingcomputer.com/news/security/hackers-exploit-looney-tunables-linux-bug-steal-cloud-creds/
> The operators of the Kinsing malware are targeting cloud environments with systems vulnerable to "Looney Tunables," a Linux security issue identified as CVE-2023-4911 that allows a local attacker to gain root privileges on the system.
> Looney Tunables is a buffer overflow in glibc's dynamic loader (ld.so) introduced in glibc 2.34 in April 2021 but disclosed in early October 2023. Days after the disclosure, proof-of-concept (PoC) exploits became publicly available.