Linux Hackers, Botnets, and ISP Tomfoolery

Here’s all this week’s news, jobs, and industry moves that today’s IT professional can use.

It’s December the 3rd, and you already know what that means. Today is the 23rd birthday of the Segway scooter—aka your favorite mall cop’s favorite mode of transportation—which debuted on Good Morning America on this day in 2001.

VC impresario John Doerr infamously stated that the Segway would “be more important than the Internet” and none other than Steve Jobs said the invention was “as big a deal as the PC.” But: it wasn’t. Only 140,000 Segways were ever sold, and the guy who bought Segway Inc in 2009 died after accidentally riding his Segway off a cliff.

All this talk of Segways makes us think that we need a good segue to start the newsletter, so let’s get started!

Hacker group tests UEFI Bootkit for Linux

Linux. You know it. You love it. Your children ask for it by name. Until very recently, the open-source operating system was relatively free of the catastrophic, world-ending malware that seems to hit Windows users every other week. In recent weeks, however, a malware bootkit has been identified by Slovakian security shop ESET.

If you’re a big fan of the word “yet” and gravely ominous threats to the cybersecurity landscape, then you’ll enjoy this next paragraph: the bootkit appears to be only a “proof of concept,” insofar as it only seems to target a limited number of Ubuntu releases and not the broader Linux ecosystem… yet. Also, tech site The Register reports that Bootkitty isn’t able to run on Secure Boot enabled systems… yet.

Also: researchers don’t know who or where this bootkit came from… yet. There’s debate about whether this is made by former hacker collective BlackCat: yes, it has the word “Kitty” in the name, but it’s not ransomware and is also written in C, and not Rust (a signature of BlackCat, apparently).

This news item ultimately means that someone, somewhere has developed the capability to unleash a devastating attack throughout the Linusphere. But for whatever reason, they’re holding off on it. It’s as if the movie Oppenheimer stopped 3/4 of the way through and Cillian Murphy turned to the camera and said “Wow, what a bomb. Let’s table this one for now!” and then got back to regular Cillian Murphy things. Like sleep, apparently.

ESET released a blog post on the 27th, talking about the findings in more detail, stating: "The bootkit's main goal is to disable the kernel's signature verification feature and to preload two as yet unknown ELF binaries via the Linux init process (which is the first process executed by the Linux kernel during system startup)." The whole blog post is worth a read for a more nitty-gritty look, as they go into great detail about how the bootkit operates.

Obviously, the development of something that could wipe out much of the work of many EE members is an important, developing story. We’ll keep you posted on how this plays out.

‘Script kiddie’ develops ‘Matrix’ botnet with worldwide targets

When you write about cybersecurity, there’s usually a lot of terminology to wade through. So, with that in mind, here’s the story in one sentence: a young, lone hacker has developed a botnet that essentially could cripple the IoT—or, “internet of things”—ecosystem.

The thing that makes this story interesting is less the “what” this hacker is up to, but more the “how.” They’ve made a botnet pretty much out of off-the-shelf malware—including: Mirai, PYbot, pynet, DiscordGo, and the curiously named Homo Network—and have cobbled an entire apparatus they’re offering to other hackers as a service.

The botnet is called “Matrix” and is being offered as a dark, twisted SaaS on a hacker-frequented Telegram channel called “Kraken Autobuy” meaning that anyone can pony up the money to use it against whomever they want to target.

The ‘script kiddie’—slang in the hacker community for someone who is young and inexperienced—who made “Matrix” is apparently of Russian origin, but doesn’t appear to be doing it for any political reasons, and seems to just be after money.

Genuine LOL: Internet ISPs say “Our customer service is so good” to avoid FCC oversight

ISPs (Internet Service Providers) are saying that their “stellar customer service” is why users don’t switch, and not because of the near-monopolies they currently hold.

Ever been on the phone with an ISP’s customer service? It’s awful. Absolutely terrible. The experience can be downright Kafkaesque and lead even the most confident persons into spirals of confusion and shame. And customer service is what lobbyist groups are giving as the reason why people don’t change ISPs often. Not the actual fact that most people can’t: lobbyists are getting paid millions to tell the FCC to look the other way.

Anyone with a brain, and even several of those without, could tell you that ISP customer support is terrible. Reports filed by regulatory committees in California and Oregon cite issues directly complaining about ISP customer service (including “automated customer service representatives; spending hours on hold while attempting to navigate automated voice systems; billing problems including getting charged after cancelling service, unexpected price increases, and being charged for equipment that was returned”), according to Ars Technica.

👨‍💻 Job Opportunities

Love Android? Love being in San Francisco Monday, Wednesday, and Friday? Have 5+ years in Android development and love developing games for smart TVs, Amazon Alexa, and mobile devices? This could be your lucky day.

Swiftly’s Hopthru product—which works with over 180 transit agencies in 11 countries (think: LA Metro, MARTA, etc)—is looking for someone with experience building ETL pipelines, backend APIs, and client-side SaaS web applications.

If you can build both back-end and front-end systems and have experience specifying, building, and maintaining diagnostic tooling… and you also want to work in-office (mandatory) for a true automotive unicorn… this job is for you.

🛩 Industry Moves

Qualcomm loses interest in Intel

Remember in a previous newsletter when we talked about how Intel was falling apart due to weird leadership? Well, it’s falling apart even more. A previous acquisition of the struggling former tech giant has been put on ice due to “Intel's $50 billion debt, dropping CPU market share, and its struggling semiconductor manufacturing unit.”

Cadillac readies F1 supercar

General Motors—GM if you enjoy that whole brevity thing—is putting together a brand new F1 team to compete on the world stage in 2026… using a Ferrari powertrain to power the car. In 2028, they’ll have their own GM-designed V6 hybrid engine. These things take time to make!

Police shut down pirate streaming service with 22M users

The Italian Postal and Cybersecurity Police Service (catchy name!) indicted 102 people worldwide for operating a shadow streaming service that was bringing in $267M monthly and taking around $10.65B from the likes of Disney+, Netflix, Amazon, and more. Goodbye, shady streaming sites: hello, jail time!

💽 Data Upload

Did you learn a lot? We sure did. Let’s keep the momentum going into next week; no more post-Thanksgiving turkey naps to blame your debugging errors on. Stay curious, stay coding, and keep your servers running and your coffee hot.

Enjoyed the news? Discuss over on Experts Exchange. Got news to share or topics you'd like us to cover? Send ‘em our way. We can’t wait to hear from you. Really.

One last thing… would you like to sponsor ByteSize, and reach an entire community of knowledgeable IT professionals across the globe? Reach out to us here.