Perfectl is Not New, It's Not News About Linux, Outdated Apache RocketMQ is Not Linux, and the Real News Should Be Back Doors Like the Ones in Windows and the CALEA Blunder
"The malware has been circulating since at least 2021."
What malware?
"Perfectl Malware".
Linux?
No, not really. Really? Yes, really. Not Linux.
We've patiently tracked this FUD for a while now. It has been tracked on this page since the fifth of October (10+ days already, and they're not done with their marketing campaign yet).
We were reluctant to write about it as it would give the FUD even more publicity, but now Schneier on Security mentions it, so it's getting more exposure anyway.
As an associate put it: "found on 'many' Linux machines? Really? Never heard of it prior to this..."
So for 3+ years it has been on "many" machines and somehow nobody mentioned it?
Weird.
As per my editorial comments (going back over a week), this looks like a marketing campaign, not research. In order to properly rebut what this private company says (Spamnil did a lot of spam for this company, so you know they're spammers), we've been checking its claims. "My guess is that the article and others like it," an associate says, "are part of a larger orchestrated smear campaign to disparage FOSS heading into the upcoming decisions regarding computer and network security by US Congress and The White House."
"The articles contain a lot of lies and disinformation, in particular they wrongly assert that 'any' Linux system is vulnerable. CUPS is Apple. Apache RocketMQ is not Linux either..."
Schneier says: "Something this complex and impressive implies that a government is behind this. North Korea is the government we know that hacks cryptocurrency in order to fund its operations. But this feels too complex for that. I have no idea how to attribute this."
Don't even go that far. Check what the basis is...
As noted above, it seems like a marketing/FUD campaign.
"The attribution is to point to the disinformation campaign coming via Redmond," our associate opines. "Maybe it is all a distraction from China (and reading between the lines, Russia) exploiting the CALEA backdoors with impunity for all these years. The same interests which back CALEA hate the idea of a move from Windows because they'd lose their back doors. That China, Russia, and every other country in the world are also in and out of Windows systems like a cheap motel does not matter to them. They only care that they themselves can also get in on demand. That's harder on GNU/Linux and Linux in general for many reasons including but not limited to the lack of a monoculture. tldr; The CALEA breaches have been pushed out of the news cycle prematurely."
A lot of the anti-"Linux" FUD (even when the issue is not in Linux, or not the fault of Linux) arrives at times that are strategic for Microsoft, and sometimes it comes directly from Microsoft staff (Xz, for instance). It's difficult to ignore the pattern.
"Another theme to be debunked," the associate adds, "amidst the stream of aspersions, insinuations, and disinformation, is the false premise that Microsoft is any kind of authority."
Microsoft is the culprit, not the expert, but it is expert at infiltrating positions of authority, especially in government [1, 2, 3, 4], in order to undermine real security and instead peddle snake-oil and lies.
The associate calls this the selling of after-market boondoggles "in place of secure design" and takes note of hours-old "victim blaming" by Microsoft, which "continues into a new decade..." (the piece says "Microsoft wants tougher punishments for cybercriminals"; how about the holes that facilitate these cybercriminals?)
He further notes that "targeting != breach, unless Windows(tm) is involved" (in which case, the holes are deliberate).
In short, there's a dodgy private company trying to promote itself by trash-talking "Linux" for over 10 days already (many shallow pieces in "the media"). But it's not about Linux; it's about servers that haven't been patched for ages, and the fault lies with outdated programs installed on them (such as old Apache RocketMQ), not with the kernel or any distribution. The timing of this FUD (or marketing, from this company's perspective) is hard to brush aside.
It's almost like this dodgy private company is attempting to sell something. █