A new Linux stealth malware was discovered by researchers last week. The malware, named HiddenWasp, is a remote access tool that has two modes of infection depending on whether it has root level or user …
READ MOREDetecting and De-Cloaking HiddenWasp Linux Stealth Malware
Sandfly founder Craig Rowland discusses Linux cryptomining malware on the Digital Forensics Survival Podcast with host Michael. They go over what this class of malware does, how it gets onto Linux systems, what to look for …
The latest Sandfly release has new features for file classification and file entropy scanning. We can now spot files that are trying to masquerade as something they aren’t, and spot files that may be packed …
READ MORESandfly 1.1.14 – Linux File Masquerading, Encrypted Malware Detection, and More
If malware is anything at all, it’s persistent. On Linux, just like Windows, malware once loaded wants to stay loaded. On Windows systems this is usually done with a variety of registry mechanisms. For Linux …