pull down to refresh

Stealthy 'sedexp' Linux malware evaded detection for two yearswww.bleepingcomputer.com/news/security/stealthy-sedexp-linux-malware-evaded-detection-for-two-years/
31 sats \ 1 comment \ @plebone 24 Aug security
write
preview
related posts
0 sats \ 0 replies \ @MalwareLab 25 Aug
This malware contains several thing worth to mention:
  • persistence via udev rules
    • this technique is not documented in MITRE ATT&CK
  • remote access to the victim device
    • the malware calls home and creates reverse shell for the attacker
  • hides itself
    • like "rootkit", it filters out strings with its name from the outputs of the system commands (e.g. ls, find)
  • code injection to another processes
    • related to scraping credit cards data
reply