Drovorub (Russian: дроворуб, "woodcutter") is a software toolkit for developing malware for the Linux operating system.
It was created by the 85th Main Special Service Center, a unit of the Russian GRU often referred to as APT28.
[1][2] Drovorub has a sophisticated modular architecture,[3] containing an implant coupled with a kernel module rootkit, a file transfer and port forwarding tool, and a command and control server.
[4] The U.S. government report that first identified Drovorub recommends the use of UEFI Secure Boot and Linux's native kernel module signing facility to resist Drovorub attacks.
You can help Wikipedia by expanding it.This malware-related article is a stub.