Metacurity

Invasive Linux Malware Symbiote Stealthily Steals Credentials and Enables Backdoor Access

Hackers use Follina to spread banking Trojan, Stalkerware TruthSpy exposes data, Russian warns West to stop cyberattacks or else, Hacker exploits Optimism lapse to swipe $16 million, much more

Cynthia Brumfield
Jun 10, 2022

Researchers at BlackBerry and Intezer Labs say that a newly discovered Linux malware known as Symbiote infects all running processes on compromised systems, steals account credentials, and gives its operators backdoor access.

The malware acts as a system-wide parasite, leaving no identifiable signs of infection even during in-depth inspections because it uses the BPF (Berkeley Packet Filter) hooking functionality to sniff network data packets and to hide its own communication channels from security tools. The malware is primarily used for automated credential harvesting from hacked Linux devices by hooking the "libc read" function. (Bill Toulas / Bleeping Computer)

Related: CSO Online, Teiss, The Hacker News, Cyberintel Magazine, ZDNet, ZDNet, Intezer, The Hacker News, SiliconANGLE, GovInfoSecurity.com, DataBreachToday.com, Ars Technica, BetaNews, The Info Op, Blackberry, Security Week, PC Risk, TechCentral.ie, Help Net Security

Researchers at Proof…
