New high-stealth malware for Linux

A team of researchers from cybersecurity firm AT&T Alien Labs has revealed a new Linux malware with superior stealth and proficiency that infects both existing servers and small Internet of Things devices. The research team described the threat, including a mechanism by which the malware, dubbed Sikitega, is difficult to detect.

According to the research team, there are mainly two reasons why shikitega is difficult to detect. First, it is a polymorphic malware that encrypts itself with a different encryption key each time it is infected. This makes it impossible to detect a known virus using pattern matching, which matches a file with a suspected infection. In addition, it is said that it is becoming difficult to identify the source because it hosts the C2 server, which is a foothold by abusing regular cloud services.

The main dropper that Shikitega creates and drops files containing malware is a small, 376-byte executable. The first simple module delivered is encoded by a combination of multi-level infection chains, where each link downloads and executes the next link in response to part of the previous link. When deploying, using polymorphic encoders makes it difficult to pinpoint malware details.

The Shikitega C2 server responds with a shell command that causes the target computer to perform program operations. In this way, since the command is executed in the PC memory, it is difficult to detect by PC antivirus protection, and the stealth property is further improved.

The purpose of Shikitega as a malware is not clear, but one of its purposes is to send software to mine cryptocurrencies. However, in addition, webcam control and credential theft are taking place at the same time, and there is concern that mining is not the only function of the malware, but has other end goals.

The research team reports that Linux malware is on the rise from 2022, and recommends that system administrators make regular backups of their most important data using EDR, which applies available security updates and continuously monitors all endpoints for threats. Related content this placecan be checked in

Related posts:

Galaxy A24 with incredible price at Casas Bahia
Get "Human Resource Machine" for Free: A Fun and Challenging Puzzle Game for Programmers
Microsoft Announces Windows 11 23H2 Update: New Features and Release Date
Diablo 4 Evil Season Raiders: Strong Professional Genre Recommendations and Quick Upgrade Methods
Apple released iOS 12.5.6, older iPhone iPad users can update it now.
This set of 6 designer chairs available at an unbeatable price goes below 100 euros
MacBook Pro 14”: custom configurations on flash sale!
How to earn free phone? - Future News

The price of iron and cement in Egypt today, Sunday, September 18

Major film studios meet with Mongolian Prime Minister to discuss development of Mongolian film industry | ThaiPR.NET

Leave a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.