linux-malware
Tracking interesting Linux (and UNIX) malware. Send PRs
### Area
Malware source
### Parent threat
Persistence, Defense Evasion, Command and Control
### Finding
https://pastebin.com/raw/kmmJuuQP
### Industry reference
uses:BPF attack:T1036:Masquerading attack:T1070:Indicator Removal on Host attack:T1205:Traffic Signaling
### Malware reference...

### Area
Malware reports
### Parent threat
Persistence, Defense Evasion, Command and Control
### Finding
https://twitter.com/cyb3rops/status/1523227511551033349
### Industry reference
uses:BPF attack:T1036:Masquerading attack:T1070:Indicator Removal on Host attack:T1205:Traffic Signaling
### Malware reference...

### Area
Malware reports
### Parent threat
Persistence, Defense Evasion, Command and Control
### Finding
https://twitter.com/CraigHRowland/status/1523266585133457408
### Industry reference
uses:BPF attack:T1036:Masquerading attack:T1070:Indicator Removal on Host attack:T1205:Traffic Signaling
### Malware reference...

### Area
Malware binaries
### Parent threat
Persistence, Defense Evasion, Command and Control
### Finding
https://bazaar.abuse.ch/browse/tag/Symbiote/
### Industry reference
https://github.com/timb-machine/linux-malware/issues/452 attack:T1205:Traffic Signaling attack:T1036:Masquerading attack:T1070:Indicator Removal on Host attack:T1556.003:Pluggable Authentication Modules...

### Area
Press/academia
### Parent threat
_No response_
### Finding
https://blogs.vmware.com/security/2022/02/2022-vmware-threat-report-exposing-malware-in-linux-based-multi-cloud-environments.html
### Industry reference
_No response_
### Malware reference
_No response_
### Actor reference
_No response_
### Component
Linux
###...

### Area
Malware reports
### Parent threat
Execution, Persistence, Defense Evasion
### Finding
https://cybersecurity.att.com/blogs/labs-research/shikitega-new-stealthy-malware-targeting-linux
### Industry reference
attack:T1059:Command and Scripting Interpreter attack:T1569: System Service attack:T1569.002: Service Execution attack:T1543: Create or...

### Area
Offensive techniques
### Parent threat
Execution
### Finding
https://twitter.com/brainsmoke/status/399558997994668033
### Industry reference
_No response_
### Malware reference
_No response_
### Actor reference
_No response_
### Component
Linux
###...

### Area
Malware reports
### Parent threat
_No response_
### Finding
https://hybrid-analysis.com/sample/eb8826bac873442045a6a05f1fa25b410ca18db6942053f6d146467c00d5338d
### Industry reference
_No response_
### Malware reference
Peer2Profit
### Actor reference
_No response_
### Component
Linux
###...

### Area
Breach reports
### Parent threat
Initial Access
### Finding
https://twitter.com/1ZRR4H/status/1560662815400407040
### Industry reference
_No response_
### Malware reference
Peer2Profit
### Actor reference
_No response_
### Component
Linux
###...

### Area
Malware reports
### Parent threat
Impact
### Finding
https://twitter.com/malwrhunterteam/status/1559636227485319168
### Industry reference
_No response_
### Malware reference
REvil wltm
### Actor reference
_No response_
### Component
Linux
###...