Security News > 2021 > April > Stealthy Linux backdoor malware spotted after three years of minding your business
2021-04-29 23:40
Chinese security outfit Qihoo 360 Netlab on Wednesday said it has identified Linux backdoor malware that has remained undetected for a number of years.
An MD5 signature for the file systemd-daemon first showed up in VirusTotal back on May 16, 2018 without the detection of any known malware.
Netlab has dubbed the malware family RotaJakiro because it uses encryption with a rotate function and has different behavior depending on whether it's running on a root or non-root account.
The malware makes an effort to conceal itself by using multiple encryption algorithms.
The malware is not an exploit; rather it's a payload that opens a backdoor on the targeted machine.
At least the malware is starting to get noticed by antivirus software.
News URL
Related news
- Seven Malicious Go Packages Found Deploying Malware on Linux and macOS Systems (source)
- Outlaw Group Uses SSH Brute-Force to Deploy Cryptojacking Malware on Linux Servers (source)
- Chinese Hackers Target Linux Systems Using SNOWLIGHT Malware and VShell Tool (source)
- Experts Uncover New XorDDoS Controller, Infrastructure as Malware Expands to Docker, Linux, IoT (source)
- Rogue npm Packages Mimic Telegram Bot API to Plant SSH Backdoors on Linux Systems (source)