Russian GRU 85th GTsSS Deploys Previously Undisclosed Drovorub Malware
released on 2020-08-13 @ 06:09:16 PM
Drovorub is a Linux malware toolset consisting of an implant coupled with a kernel module rootkit, a file transfer and port forwarding tool, and a Command and Control (C2) server. When deployed on a victim machine, the Drovorub implant (client) provides the capability for direct communications with actor controlled C2 infrastructure; file download and upload capabilities; execution of arbitrary commands as "root"; and port forwarding of network traffic to other hosts on the network.