Introduction
In today’s world of information technology, protecting against cyberattacks is a serious problem. Hackers are finding new ways to penetrate systems and reach sensitive information, disrupting businesses and causing severe reputational damage. Recently, a new threat to Linux and ESXi systems has been revealed: the malicious RTM Trojan.
Who is RTM?
RTM is a cybercriminal group that specializes in creating and distributing malware. They are known for their expertise and their ability to bypass cyber defenses. They attack companies large and small.
RTM recently released a new version of its malware that targets operating systems such as Linux and ESXi. The malware is designed to obtain data through remote access to the systems on which it has been installed. According to experts, it is one of the most dangerous and complex pieces of malware created in several years.
How the new malware works
The distinguishing feature of this malware is its ability to bypass many modern defense mechanisms, including professional anti-virus programs. It achieves this through the use of the most effective encryption methods. Most anti-virus programs simply cannot detect it on infected systems.
How does the RTM malware work? It installs a special module on the infected system that creates a backdoor, a hidden means of access to the system. Hackers can then gain full access to and control of the system, stealing confidential data, passwords, bank card details, personal information, and so on.
Recommendations for protection
- Update all software and operating systems to the latest version.
- Install and regularly update antivirus software.
- Limit access to systems to authorized users only and use strong passwords.
- Use multi-factor authentication for additional security.
- Monitor and analyze network and system activity with special tools to detect abnormal activity.
- Make regular backups of important data so that you can quickly restore information in case of an attack.