Protect Gen V1 VM running Ubuntu 18.04: threats from Drovorub

sachin Chand 21 Reputation points
2020-08-30T08:20:08.95+00:00

I have a Gen V1 VM running Ubuntu 18.04. There is a request to enable UEFI boot to remediate threats from Drovorub. Is there a process of best practices to protect an Azure VM on Linux from Drovorub?


Accepted answer
prmanhas-MSFT 17,901 Reputation points Microsoft Employee
2020-09-01T15:10:52.937+00:00

    @sachin Chand Apologies for the delay in response and all the inconvenience caused because of the issue.

    Drovorub is a malware framework consisting of several components, including a kernel rootkit, tools for file transfer and port forwarding, and a command-and-control (CC) server.

    Drovorub communicates with the CC server and hides its presence on the target system. It provides the attackers with file upload and download capabilities, as well as arbitrary command execution (with root privileges) and port or network traffic forwarding to other hosts on the network.

    As with other rootkits and backdoors, an attacker needs to first compromise the target system by an unrelated exploit, before Drovorub can be deployed.

    You can refer to this article, which consists of generic steps to follow on the Linux system.

    This article contains security recommendations for Azure Virtual Machines. Follow these recommendations to help fulfill the security obligations described in our model for shared responsibility. The recommendations will also help you improve overall security for your web app solutions.

    Another approach is to use policies on virtual machines in Azure. You can refer to this, which is a general advisory from the Microsoft side for securing your virtual machine and is applicable to all vulnerabilities and malware in general.

    Hope it helps!!!

    Do let me know in case of any queries.

    Please 'Accept as answer' if it helped, so that it can help others in the community looking for help on similar topics.


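As an added example that is not part of the original thread or of Microsoft's guidance: a shell script a Linux admin can run on the guest to verify the state the question is asking about, namely whether the kernel booted via UEFI, whether Secure Boot is enabled, and whether the kernel enforces module signatures (the setting that refuses to load an unsigned kernel module such as a rootkit). The optional SYSROOT argument to each function is a hypothetical parameter so the checks can also run against a constructed fixture instead of the live /sys.

```bash
#!/usr/bin/env bash
# Added example (not from the original thread). Each function takes an optional
# SYSROOT prefix (hypothetical parameter) so the checks can run against a
# constructed fixture; with no argument they read the live /sys of this host.
set -u

# Firmware boot mode: "uefi" if the kernel exposed the EFI runtime, else "bios".
boot_mode() {
  local root="${1:-}"
  [ -d "$root/sys/firmware/efi" ] && echo uefi || echo bios
}

# Secure Boot state is the 5th byte of the SecureBoot EFI variable; efivarfs
# prefixes the value with 4 bytes of attributes. Prints: enabled|disabled|absent
secure_boot_state() {
  local root="${1:-}"
  local var="$root/sys/firmware/efi/efivars/SecureBoot-8be4df61-93ca-11d2-aa0d-00e098032b8c"
  [ -r "$var" ] || { echo absent; return; }
  local byte
  byte=$(od -An -tu1 -j4 -N1 "$var" | tr -d ' ')
  [ "$byte" = "1" ] && echo enabled || echo disabled
}

# Kernel module signature enforcement (CONFIG_MODULE_SIG). Prints: Y|N|unknown
module_sig_enforce() {
  local root="${1:-}"
  local f="$root/sys/module/module/parameters/sig_enforce"
  [ -r "$f" ] && cat "$f" || echo unknown
}

# Verdict is "hardened" only when all three conditions hold.
boot_hardening_verdict() {
  local root="${1:-}"
  if [ "$(boot_mode "$root")" = uefi ] \
     && [ "$(secure_boot_state "$root")" = enabled ] \
     && [ "$(module_sig_enforce "$root")" = Y ]; then
    echo hardened
  else
    echo not-hardened
  fi
}

report() {
  printf 'boot mode:          %s\n' "$(boot_mode)"
  printf 'secure boot:        %s\n' "$(secure_boot_state)"
  printf 'module sig_enforce: %s\n' "$(module_sig_enforce)"
  printf 'verdict:            %s\n' "$(boot_hardening_verdict)"
}
report
```

A "bios" boot mode or an "absent" Secure Boot variable means the firmware never offered Secure Boot, so enabling it is a VM-generation change rather than a guest-side setting.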