- - - Fuxoft RSS only: security - - -


>>> Posted at Thu, 29 Apr 2021 04:53:07 +0000 Title: "#linux #security RotaJakiro: A long live secret backdoor with 0 VT detection Overview On March..."


RotaJakiro: A long live secret backdoor with 0 VT detection

Overview

On March 25, 2021, 360 NETLAB's BotMon system flagged a suspicious ELF file (MD5=64f6cfe44ba08b0babdd3904233c4857) with 0 VT detection. The sample communicates with 4 domains on TCP 443 (HTTPS), but the traffic is not TLS/SSL. A close look at the sample revealed it to be a backdoor targeting Linux X64 systems, a family that has been around for at least 3 years.

blog.netlab.360.com/stealth_ro