Fret not, Linux fans, Microsoft's Project Freta is here to peer deep into your memory... to spot malware

Boffins in Microsoft Research have pulled the covers off Project Freta, a free service aimed at spotting memory malfeasance.
The project kicked off two years ago, partially in response to existing malware sensors being evaded as malicious code gained the ability to spot when it was being observed and self-destruct to prevent discovery.
Taking a different path to the sensor-malware arms race, the Project Freta requirements called for an offline analysis system that could work in batch mode and a sensor to provide memory captures without executing a clarifying instruction on the guest.
4,000 Linux kernels are now supported and Freta will accept four types of memory images: Hyper-V Memory Snapshot, LiME image, ELF Core Dump of Physical Memory and Raw Physical Memory Dump.
Very much a tool for investigators, Project Freta will also have a crack at inferring the presence of malware and note potential rootkits, but "It does not flag everything," according to Microsoft.
News URL
https://go.theregister.com/feed/www.theregister.com/2020/07/07/project_freta/