Security News > 2022 > June > Symbiote: A Stealthy Linux Malware Targeting Latin American Financial Sector
Cybersecurity researchers have taken the wraps off what they call a "Nearly-impossible-to-detect" Linux malware that could be weaponized to backdoor infected systems.
Dubbed Symbiote by threat intelligence firms BlackBerry and Intezer, the stealthy malware is so named for its ability to conceal itself within running processes and network traffic and drain a victim's resources like a parasite.
The operators behind Symbiote are believed to have commenced development on the malware in November 2021, with the threat actor predominantly using it to target the financial sector in Latin America, including banks like Banco do Brasil and Caixa.
"What makes Symbiote different from other Linux malware is that it infects running processes rather than using a standalone executable file to inflict damage."
Upon hijacking all running processes, Symbiote enables rootkit functionality to further hide evidence of its presence and provides a backdoor for the threat actor to log in to the machine and execute privileged commands.
"Since the malware operates as a user-land level rootkit, detecting an infection may be difficult," the researchers concluded.
News URL
https://thehackernews.com/2022/06/symbiote-stealthy-linux-malware.html
Related news
- Coyote Malware Expands Reach: Now Targets 1,030 Sites and 73 Financial Institutions (source)
- FINALDRAFT Malware Exploits Microsoft Graph API for Espionage on Windows and Linux (source)
- New Auto-Color Linux backdoor targets North American govts, universities (source)
- New Linux Malware ‘Auto-Color’ Grants Hackers Full Remote Access to Compromised Systems (source)
- Seven Malicious Go Packages Found Deploying Malware on Linux and macOS Systems (source)