An Interest In:
Web News this Week
- April 26, 2024
- April 25, 2024
- April 24, 2024
- April 23, 2024
- April 22, 2024
- April 21, 2024
- April 20, 2024
Some of Our Sources
- BoingBoing
- The Logo Smith
- Web Designer Depot
- Fudge Graphics
- 24 Ways
- Stylized Web
- Specky Boy
- Design Modo
- Codrops
- TechPowerUp
Help Webnuz
Referal links:
May 31, 2019 12:50 am
Original Link: http://rss.slashdot.org/~r/Slashdot/slashdot/~3/BsOJa-2n2dw/advanced-linux-backdoor-found-in-the-wild-escaped-av-detection
Advanced Linux Backdoor Found In the Wild Escaped AV Detection
Researchers have discovered an advanced piece of Linux malware that has escaped detection bypasses antivirus products and appears to be actively used in targeted attacks. Ars Technica reports: HiddenWasp, as the malware has been dubbed, is a fully developed suite of malware that includes a trojan, rootkit, and initial deployment script, researchers at security firm Intezer reported on Wednesday. At the time Intezer's post went live, the VirusTotal malware service indicated Hidden Wasp wasn't detected by any of the 59 antivirus engines it tracks, although some have now begun to flag it. Time stamps in one of the 10 files Intezer analyzed indicated it was created last month. The command and control server that infected computers report to remained operational at the time this article was being prepared. Some of the evidence analyzed -- including code showing that the computers it infects are already compromised by the same attackers -- indicated that HiddenWasp is likely a later stage of malware that gets served to targets of interest who have already been infected by an earlier stage. It's not clear how many computers have been infected or how any earlier related stages get installed. With the ability to download and execute code, upload files, and perform a variety of other commands, the purpose of the malware appears to be to remotely control the computers it infects. That's different from most Linux malware, which exists to perform denial of service attacks or mine cryptocurrencies. Some of the code appears to be borrowed from Mirai, while other code has similarities to other established projects or malware including the Azazel rootkit, the ChinaZ Elknot implant, and the recently discovered Linux variant of Winnti, a family of malware that previously had been seen targeting only Windows.Read more of this story at Slashdot.
Original Link: http://rss.slashdot.org/~r/Slashdot/slashdot/~3/BsOJa-2n2dw/advanced-linux-backdoor-found-in-the-wild-escaped-av-detection
Share this article:
Tweet
View Full Article
Slashdot
Slashdot was originally created in September of 1997 by Rob "CmdrTaco" Malda. Today it is owned by Geeknet, Inc..More About this Source Visit Slashdot