Skidmap Linux Malware Uses Rootkit Capabilities to Hide Cryptocurrency-Mining Payload
https://blog.trendmicro.com/trendlabs-security-intelligence/skidmap-linux-malware-uses-rootkit-capabilities-to-hide-cryptocurrency-mining-payload
#skidmap #malware #virus #rootkit #linux
Trend Micro
Skidmap Malware Uses Rootkit to Hide Mining Payload
Skidmap, a Linux malware that we recently stumbled upon, demonstrates the increasing complexity of cryptocurrency-mining threats. This malware is notable for how it loads malicious kernel modules to keep its cryptocurrency mining operations hidden.
Forwarded from BlackBox (Security) Archiv
Introducing Project Freta - Microsoft Launches Free Linux Forensics and Rootkit Malware Detection Service
Microsoft has announced a new free-to-use initiative aimed at uncovering forensic evidence of sabotage on Linux systems, including rootkits and intrusive malware that may otherwise go undetected.
The cloud offering, dubbed Project Freta, is a snapshot-based memory forensic mechanism that aims to provide automated full-system volatile memory inspection of virtual machine (VM) snapshots, with capabilities to spot malicious software, kernel rootkits, and other stealthy malware techniques such as process hiding.
The project is named after Warsaw's Freta Street, the birthplace of Marie Curie, the famous French-Polish physicist who brought X-ray medical imaging to the battlefield during World War I.
"Modern malware is complex, sophisticated, and designed with non-discoverability as a core tenet," said Mike Walker, Microsoft's senior director of New Security Ventures. "Project Freta intends to automate and democratize VM forensics to a point where every user and every enterprise can sweep volatile memory for unknown malware with the push of a button — no setup required."
The objective is to infer the presence of malware from memory and, at the same time, gain the upper hand in the fight against threat actors who deploy and reuse stealthy malware on target systems for ulterior motives, and, more importantly, render evasion infeasible and increase the development cost of undiscoverable cloud malware.
https://www.microsoft.com/en-us/research/blog/toward-trusted-sensing-for-the-cloud-introducing-project-freta/
https://thehackernews.com/2020/07/microsoft-linux-forensics-rootkit.html
#microsoft #linux #cloud #Freta #forensics #research #rootkit #malware
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
📡@NoGoolag
Microsoft Research
Toward trusted sensing for the cloud: Introducing Project Freta - Microsoft Research
Editor’s note, Feb. 14, 2024 – The Project Freta analysis web portal is no longer publicly accessible. Please contact project-freta@microsoft.com. “Sunlight is said to be the best of disinfectants.” ―Louis D. Brandeis, 1914 We…
Someone wrote a virus that's not removed from your computer by wiping your hard drive and reinstalling the OS.
Nothing new about that, but these typically target only Windows users; this one works on #linux:
https://www.welivesecurity.com/en/eset-research/bootkitty-analyzing-first-uefi-bootkit-linux/
#rootkit
Welivesecurity
Bootkitty: Analyzing the first UEFI bootkit for Linux
ESET's discovery of the first UEFI bootkit designed for Linux sends an important message: UEFI bootkits are no longer confined to Windows systems alone.