New Linux Malware Combines Unusual Stealth with a Full Suite of Capabilities

upnorth

upnorth

Level 68
Thread author
Verified
Top Poster
Malware Hunter
Well-known
Jul 27, 2015
5,458
Content source
https://arstechnica.com/information-technology/2022/09/new-linux-malware-combines-unusual-stealth-with-a-full-suite-of-capabilities/
Researchers this week unveiled a new strain of Linux malware that's notable for its stealth and sophistication in infecting both traditional servers and smaller Internet-of-things devices.

Dubbed Shikitega by the AT&T Alien Labs researchers who discovered it, the malware is delivered through a multistage infection chain using polymorphic encoding. It also abuses legitimate cloud services to host command-and-control servers. These things make detection extremely difficult. "Threat actors continue to search for ways to deliver malware in new ways to stay under the radar and avoid detection," AT&T Alien Labs researcher Ofer Caspi wrote. "Shikitega malware is delivered in a sophisticated way, it uses a polymorphic encoder, and it gradually delivers its payload where each step reveals only part of the total payload. In addition, the malware abuses known hosting services to host its command and control servers."
Click to expand...
The ultimate objective of the malware isn't clear. It drops the XMRig software for mining the Monero cryptocurrency, so stealthy cryptojacking is one possibility. But Shikitega also downloads and executes a powerful Metasploit package known as Mettle, which bundles capabilities including webcam control, credential stealing, and multiple reverse shells into a package that runs on everything from "the smallest embedded Linux targets to big iron." Mettle's inclusion leaves open the potential that surreptitious Monero mining isn't the sole function.
Click to expand...
arstechnica.com

New Linux malware combines unusual stealth with a full suite of capabilities

With polymorphic encoding and a multistage infection chain, Shikitega is hard to detect.
arstechnica.com arstechnica.com
 
  • +Reputation
  • Like
Reactions: Venustus, Gandalf_The_Grey, mlnevese and 3 others
mlnevese

mlnevese

Level 28
Verified
Top Poster
Well-known
May 3, 2015
1,742
People should realize that all software, and that includes operating systems, have vulnerabilities and if it becomes popular, it becomes lucrative to target them. Many people still have the illusion that Macs and Linux have no malware.
 
  • Like
Reactions: Azure, TedCruz, Venustus and 3 others
You must log in or register to reply here.

Similar threads

silversurfer
    • Like
    • +Reputation
Stealth Soldier: A New Custom Backdoor Targets North Africa with Espionage Attacks
Replies
0
Views
1,244
News Archive
silversurfer
silversurfer
silversurfer
    • Like
    • +Reputation
Malware News New Sneaky Xamalicious Android Malware Hits Over 327,000 Devices
Replies
0
Views
1,240
Security News
silversurfer
silversurfer
Gandalf_The_Grey
    • Like
    • +Reputation
Security News New Linux malware is controlled through emojis sent from Discord
Replies
0
Views
1,309
Security News
Gandalf_The_Grey
Gandalf_The_Grey

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top