Invasive Linux Malware Symbiote Stealthily Steals Credentials and Enables Backdoor Access
Hackers use Follina to spread banking Trojan, Stalkerware TruthSpy exposes data, Russia warns West to stop cyberattacks or else, Hacker exploits Optimism lapse to swipe $16 million, much more
Researchers at BlackBerry and Intezer Labs say that a newly discovered Linux malware known as Symbiote infects all running processes on compromised systems, steals account credentials, and gives its operators backdoor access.
The malware acts as a system-wide parasite, leaving no identifiable signs of infection even during in-depth inspections because it uses BPF (Berkeley Packet Filter) hooking functionality to sniff network data packets and to hide its own communication channels from security tools. The malware is primarily used for automated credential harvesting from hacked Linux devices by hooking the libc "read" function. (Bill Toulas / Bleeping Computer)
Related: CSO Online, Teiss, The Hacker News, Cyberintel Magazine, ZDNet, ZDNet, Intezer, The Hacker News, SiliconANGLE, GovInfoSecurity.com, DataBreachToday.com, Ars Technica, BetaNews, The Info Op, Blackberry, Security Week, PC Risk, TechCentral.ie, Help Net Security
Researchers at Proof…