A new malware strain may be able to uninstall security products deployed in the cloud, according to a report by researchers at cybersecurity firm Palo Alto Networks, as reported by The Hill.
The researchers obtained samples of malware used by the hacking group Rocke and found that these samples were able to remove security products from compromised Linux cloud servers. That means the malware could be used to gain full control of the cloud security products and subsequently uninstall them.
The malware developers realized "the existing cloud monitor and security products may detect the possible malware intrusion" and are deploying "new evasion technologies to avoid being detected" by cloud security measures, the report reads, according to The Hill.
The malware targets products developed by a few cloud providers, including Tencent Cloud and Alibaba Cloud. The researchers are working with both companies to address the issue, according to The Hill.