Fret not, Linux fans, Microsoft's Project Freta is here to peer deep into your memory... to spot malware
Boffins in Microsoft Research have pulled the covers off Project Freta, a free service aimed at spotting memory malfeasance.
The project kicked off two years ago, partially in response to existing malware sensors being evaded as malicious code gained the ability to spot when it was being observed and self-destruct to prevent discovery.
Taking a different path to the sensor-malware arms race, the Project Freta requirements called for an offline analysis system that could work in batch mode and a sensor to provide memory captures without executing a clarifying instruction on the guest.
4,000 Linux kernels are now supported and Freta will accept four types of memory images: Hyper-V Memory Snapshot, LiME image, ELF Core Dump of Physical Memory and Raw Physical Memory Dump.
Very much a tool for investigators, Project Freta will also have a crack at inferring the presence of malware and note potential rootkits, but "It does not flag everything" according to Microsoft.
News URL
https://go.theregister.com/feed/www.theregister.com/2020/07/07/project_freta/