Fret not, Linux fans, Microsoft's Project Freta is here to peer deep into your memory... to spot malware
Boffins in Microsoft Research have pulled the covers off Project Freta, a free service aimed at spotting memory malfeasance.
The project kicked off two years ago, partially in response to existing malware sensors being evaded as malicious code gained the ability to spot when it was being observed and self-destruct to prevent discovery.
Taking a different path to the sensor-malware arms race, the Project Freta requirements called for an offline analysis system that could work in batch mode and a sensor to provide memory captures without executing a clarifying instruction on the guest.
4,000 Linux kernels are now supported and Freta will accept four types of memory images: Hyper-V Memory Snapshot, LiME image, Elf Core Dump of Physical Memory and Raw Physical Memory Dump.
Very much a tool for investigators, Project Freta will also have a crack at inferring the presence of malware and note potential rootkits, but "It does not flag everything" according to Microsoft.
News URL
https://go.theregister.com/feed/www.theregister.com/2020/07/07/project_freta/