linux-malware issues

[Intel]: https://blog.talosintelligence.com/2018/05/VPNFilter.html

### Area Malware reports ### Parent threat _No response_ ### Finding https://blog.talosintelligence.com/2018/05/VPNFilter.html ### Industry reference VPNFilter ### Malware reference _No response_ ### Actor reference _No response_ ### Component _No response_...

timb-machine

new

missing:tactics

missing:tag:T1048

missing:tag:T1057

missing:tag:T1070.004

missing:tag:T1071.001

missing:tag:T1083

missing:tag:T1491

missing:tag:T1546.004

missing:tag:T1567

missing:tag:T1573

missing:tag:T1590

missing:tag:T1021.002

missing:tag:T1027.002

missing:tag:T1053.003

missing:tag:Non-persistentStorage

missing:tag:wltm

[Intel]: https://github.com/anelshaer/Remote-Linux-Triage-Collection-using-OSquery

### Area Defensive techniques ### Parent threat _No response_ ### Finding https://github.com/anelshaer/Remote-Linux-Triage-Collection-using-OSquery ### Industry reference _No response_ ### Malware reference _No response_ ### Actor reference _No response_ ### Component Linux...

timb-machine

new

missing:tactics

missing:tag:T1005

missing:tag:T1048

missing:tag:T1071.001

missing:tag:T1491

missing:tag:T1567

missing:tag:T1573

missing:tag:T1053.007

missing:tag:T1609

missing:tag:T1610

missing:tag:T1548.003

[Intel]: https://www.sentinelone.com/labs/the-mystery-of-metador-an-unattributed-threat-hiding-in-telcos-isps-and-universities/

### Area Malware reports ### Parent threat _No response_ ### Finding https://www.sentinelone.com/labs/the-mystery-of-metador-an-unattributed-threat-hiding-in-telcos-isps-and-universities/ ### Industry reference _No response_ ### Malware reference Metador wltm ### Actor reference _No response_ ### Component Linux...

timb-machine

new

missing:tactics

missing:tag:T1048

missing:tag:T1057

missing:tag:T1070.003

missing:tag:T1070.004

missing:tag:T1071.001

missing:tag:T1083

missing:tag:T1491

missing:tag:T1546.004

missing:tag:T1552.003

missing:tag:T1567

missing:tag:T1573

missing:tag:T1021.002

missing:tag:T1027.002

missing:tag:T1560

missing:tag:T1070.006

missing:tag:T1518

missing:tag:T1574.007

missing:tag:PyPI

[Intel]: https://news.ycombinator.com/item?id=17501379

### Area Supply chain attacks ### Parent threat _No response_ ### Finding https://news.ycombinator.com/item?id=17501379 ### Industry reference _No response_ ### Malware reference _No response_ ### Actor reference _No response_ ### Component...

timb-machine

new

missing:tactics

missing:tag:T1005

missing:tag:T1048

missing:tag:T1057

missing:tag:T1070.004

missing:tag:T1071.001

missing:tag:T1083

missing:tag:T1491

missing:tag:T1567

missing:tag:T1573

missing:tag:T1590

missing:tag:T1021.002

missing:tag:T1027.002

missing:tag:T1053.003

missing:tag:T1560

missing:tag:T1007

missing:tag:T1053.006

missing:tag:T1543.002

missing:tag:T1548.003

missing:tag:T1021.004

missing:tag:T1037

[Intel]: https://lists.archlinux.org/pipermail/aur-general/2018-July/034169.html

### Area Supply chain attacks ### Parent threat _No response_ ### Finding https://lists.archlinux.org/pipermail/aur-general/2018-July/034169.html ### Industry reference https://github.com/timb-machine/linux-malware/issues/525 ### Malware reference wltm ### Actor reference _No response_ ### Component Linux ###...

timb-machine

new

missing:tactics

missing:tag:T1048

missing:tag:T1071.001

missing:tag:T1567

missing:tag:T1573

[Intel]: https://blog.netlab.360.com/an-analysis-of-godlua-backdoor-en/

### Area Malware reports ### Parent threat _No response_ ### Finding https://blog.netlab.360.com/an-analysis-of-godlua-backdoor-en/ ### Industry reference GodLua ### Malware reference _No response_ ### Actor reference _No response_ ### Component _No response_...

timb-machine

new

missing:tactics

missing:tag:T1005

missing:tag:T1048

missing:tag:T1057

missing:tag:T1070.004

missing:tag:T1071.001

missing:tag:T1491

missing:tag:T1546.004

missing:tag:T1567

missing:tag:T1573

missing:tag:T1590

missing:tag:T1027.002

missing:tag:T1560

[Intel]: https://twitter.com/_larry0/status/1143532888538984448

### Area Malware reports ### Parent threat _No response_ ### Finding https://twitter.com/_larry0/status/1143532888538984448 ### Industry reference Silex ### Malware reference _No response_ ### Actor reference _No response_ ### Component _No response_...

timb-machine

new

missing:tactics

missing:tag:T1048

missing:tag:T1070.004

missing:tag:T1071.001

missing:tag:T1567

missing:tag:T1573

missing:tag:T1590

missing:tag:T1562.004

[Intel]: https://www.cadosecurity.com/post/team-tnt-the-first-crypto-mining-worm-to-steal-aws-credentials

### Area Malware reports ### Parent threat _No response_ ### Finding https://www.cadosecurity.com/post/team-tnt-the-first-crypto-mining-worm-to-steal-aws-credentials ### Industry reference TeamTNT ### Malware reference _No response_ ### Actor reference _No response_ ### Component _No response_...

timb-machine

new

missing:tactics

missing:tag:T1005

missing:tag:T1048

missing:tag:T1057

missing:tag:T1070.004

missing:tag:T1071.001

missing:tag:T1083

missing:tag:T1491

missing:tag:T1546.004

missing:tag:T1567

missing:tag:T1573

missing:tag:T1070.006

missing:tag:T1053.007

missing:tag:T1098.004

missing:tag:T1609

missing:tag:T1610

missing:tag:RedirectionToNull

missing:tag:T1037

missing:tag:T1001

missing:tag:T1552.004

missing:tag:T1037.004

[Intel]: https://scarybeastsecurity.blogspot.com/2011/07/alert-vsftpd-download-backdoored.html

### Area Supply chain attacks ### Parent threat _No response_ ### Finding https://scarybeastsecurity.blogspot.com/2011/07/alert-vsftpd-download-backdoored.html ### Industry reference VsFTPd ### Malware reference _No response_ ### Actor reference _No response_ ### Component _No...

timb-machine

new

missing:tactics

missing:tag:T1048

missing:tag:T1057

missing:tag:T1070.004

missing:tag:T1071.001

missing:tag:T1083

missing:tag:T1491

missing:tag:T1567

missing:tag:T1573

missing:tag:T1590

missing:tag:T1027.002

missing:tag:T1518

missing:tag:T1021.001

missing:tag:T1071.002

missing:tag:wltm

missing:tag:IRC

[Intel]: https://twitter.com/billyleonard/status/1458531997576572929

### Area Malware reports ### Parent threat _No response_ ### Finding https://twitter.com/billyleonard/status/1458531997576572929 ### Industry reference _No response_ ### Malware reference Rekoobe TSH TINYSHELL https://github.com/timb-machine/linux-malware/issues/481 ### Actor reference APT31 ### Component...

linux-malware
linux-malware copied to clipboard

Metadata

[Intel]: https://blog.talosintelligence.com/2018/05/VPNFilter.html

[Intel]: https://github.com/anelshaer/Remote-Linux-Triage-Collection-using-OSquery

[Intel]: https://www.sentinelone.com/labs/the-mystery-of-metador-an-unattributed-threat-hiding-in-telcos-isps-and-universities/

[Intel]: https://news.ycombinator.com/item?id=17501379

[Intel]: https://lists.archlinux.org/pipermail/aur-general/2018-July/034169.html

[Intel]: https://blog.netlab.360.com/an-analysis-of-godlua-backdoor-en/

[Intel]: https://twitter.com/_larry0/status/1143532888538984448

[Intel]: https://www.cadosecurity.com/post/team-tnt-the-first-crypto-mining-worm-to-steal-aws-credentials

[Intel]: https://scarybeastsecurity.blogspot.com/2011/07/alert-vsftpd-download-backdoored.html

[Intel]: https://twitter.com/billyleonard/status/1458531997576572929

← Metadata

Owner

Metadata

linux-malware linux-malware copied to clipboard

Metadata

← Metadata

Owner

Metadata

linux-malware
linux-malware copied to clipboard