Hackers exploit Looney Tunables Linux bug, steal cloud creds

Kinsing malware is targeting cloud environments via a Linux issue, CVE-2023-4911, aka “Looney Tunables,” which lets attackers gain root privileges. In a report, Aqua Nautilus detailed the threat actor’s use of this flaw to enhance permissions on compromised machines. Kinsing, which deploys cryptomining software, uses a PHPUnit vulnerability before triggering the Looney Tunables issue for privilege escalation. Investigators believe this campaign differed from usual tactics, indicating an experimental approach.