Symbiote: A Stealthy Linux Malware Targeting Latin American Financial Sector
Cybersecurity researchers have taken the wraps off what they call a "nearly-impossible-to-detect" Linux malware that could be weaponized to backdoor infected systems.
Dubbed Symbiote by threat intelligence firms BlackBerry and Intezer, the stealthy malware is so named for its ability to conceal itself within running processes and network traffic and drain a victim's resources like a parasite.
The operators behind Symbiote are believed to have commenced development on the malware in November 2021, with the threat actor predominantly using it to target the financial sector in Latin America, including banks like Banco do Brasil and Caixa.
"What makes Symbiote different from other Linux malware is that it infects running processes rather than using a standalone executable file to inflict damage."
Upon hijacking all running processes, Symbiote enables rootkit functionality to further hide evidence of its presence and provides a backdoor for the threat actor to log in to the machine and execute privileged commands.
"Since the malware operates as a user-land level rootkit, detecting an infection may be difficult," the researchers concluded.
News URL
https://thehackernews.com/2022/06/symbiote-stealthy-linux-malware.html