Linux Archives - Intezer

Linux

Generic selectors
Exact matches only
Search in title
Search in content
Search in posts
Search in pages
16

ELF Malware Analysis 101 Part 2: Initial Analysis 

Introduction In the previous article we profiled the ELF malware landscape and explained how malware infects systems. We discussed the current lack...

2

Get Access to our Weekly Linux Threat Feed

With an emphasis placed on protecting Windows endpoints, the antivirus industry is struggling to detect Linux threats. In a 2019 study conducted by...

6

ELF Malware Analysis 101: Linux Threats No Longer an Afterthought

Introduction Linux has a large presence in the operating systems market because it’s open-sourced, free, and software development oriented—meaning its rich ecosystem...

2

Mapping Binaries Inside a Microsoft Azure Cloud Server

Linux has become the “go-to” OS in cloud computing, running 90% of the public cloud workload. Linux usage has even surpassed Windows...

2

Intezer Analyze community roundup

Maze ransomware, APT41 and Lazarus highlight this month’s community samples 1. More_eggs variant with low Antivirus detections has modified string encoding mechanisms...

3

Pre-runtime vulnerability scans or runtime protection: Which is better for your IaaS security?

Under Armour’s famous slogan sums up the mission perfectly: We Must Protect this House. As adoption of cloud services continues, security teams...

2

TTPs matrix for Linux cloud servers

Checklist for protecting your Linux cloud servers against cyber attacks Taking inspiration from the MITRE ATT&CK® framework, we have developed a matrix categorizing...

5

Evasion Techniques Dissected: A Mirai Case Study

Code reuse analysis vs. signature-based detection We are often asked the question, “what sets your approach apart from other malware detection solutions?”...

3

Ransomware and Spyware Top Intezer Analyze Community Detections

This month’s community highlights span a variety of file formats — APK, ELF and PE. 1) Anubis [Link to Analysis] Anubis is...

6

Linux Rekoobe Operating with New, Undetected Malware Samples

Introduction Our research team has identified new versions of an old Linux malware known as Rekoobe, a minimalistic trojan with a complex CNC...

4

Intezer Analyze Community: 2019 Recap and Trends

Emotet, Trickbot, and Lazarus were the most common threats detected by the community in 2019. Linux threats, with code connections to Mirai,...

3

2019: A Year-in-Review

What an amazing year it has been for us at Intezer! The company nearly doubled in size, we added several new important...

10

ChinaZ Updates Toolkit by Introducing New, Undetected Malware

Introduction ChinaZ is a Chinese cybercrime group and the author of several DDoS malware. We have profiled this group in a previous...

3

Genetic Malware Analysis for Golang

Intezer Analyze now proudly supports genetic analysis for files created with the Golang programming language. Community and enterprise users can detect and...

7

ACBackdoor: Analysis of a New Multiplatform Backdoor

Introduction We have discovered an undetected Linux backdoor which does not have any known connections to other threat groups. VirusTotal detection rate...

7

PureLocker: New Ransomware-as-a-Service Being Used in Targeted Attacks Against Servers

Analysis by Intezer and IBM X-Force points its origins to a Malware-as-a-Service (MaaS) provider utilized by the Cobalt Gang and FIN6 attack...

3

Russian Cybercrime Group FullofDeep Behind QNAPCrypt Ransomware Campaigns

Introduction We previously reported on how we managed to temporarily shut down 15 operative QNAPCrypt ransomware campaigns targeting Linux-based file storage systems...

6

Why we Should be Paying More Attention to Linux Threats

In a previous post we wrote for the Retail and Hospitality Information Sharing and Analysis Center (RH-ISAC), we discussed the emergence of...

4

Intezer Analyze Community: GonnaCry, HawkEye, BXAQ and More

In July, Intezer Analyze community detections included GonnaCry ransomware, the HawkEye malware kit, and BXAQ, the spyware that Chinese authorities have been...

8

Watching the WatchBog: New BlueKeep Scanner and Linux Exploits

  Overview We have discovered a new version of WatchBog—a cryptocurrency-mining botnet operational since late 2018—that we suspect has compromised more than 4,500...

8

EvilGnome: Rare Malware Spying on Linux Desktop Users

Introduction Linux desktop remains an unpopular choice among mainstream desktop users, making up a little more than 2% of the desktop operating system...

10

How We Seized 15 Active Ransomware Campaigns Targeting Linux File Storage Servers

  Introduction It is rare to see ransomware being used to target the Linux operating system. However, cyber criminals seem to adapt...

4

Intezer Analyze Community: BlackSquid, RobbinHood Ransomware and More

1) BlackSquid [Link to Analysis] BlackSquid is a Monero crypto-miner which was recently discovered by researchers at Trend Micro. According to Trend...

2

HiddenWasp and the Emergence of Linux-based Threats

This blog post was featured as contributing content for the Retail and Hospitality Information Sharing and Analysis Center (RH-ISAC). The Linux threat...

7

Executable and Linkable Format 101 Part 4: Dynamic Linking

This is a new post in our Executable and Linkable Format (ELF) 101 series, where the goal is to spread awareness about the...

4

Chinese APTs Rising: Key Takeaways from the Intezer Analyze Community in May

1) Pirpi (APT3) [Link to Analysis] APT3, commonly referred to as Gothic Panda, TG-0110 and Buckeye, is a Chinese cyber espionage group...

12

HiddenWasp Malware Stings Targeted Linux Systems

  Overview • Intezer has discovered a new, sophisticated malware that we have named “HiddenWasp”, targeting Linux systems. • The malware is...

5

Technical Analysis: Pacha Group Competing against Rocke Group for Cryptocurrency Mining Foothold on the Cloud

Pacha Group is a crypto-mining threat actor we at Intezer discovered and profiled in a blog post published on February 28, 2019....

< 1

War on the Cloud: Cybercriminals Competing for Cryptocurrency Mining Foothold

The Pacha Group is a threat actor discovered by Intezer and profiled in a blog post published on February 28, 2019. Dating back...

4

Top Five Community Uploads | April 2019

This month’s Intezer Analyze community findings include malware employed by two cyber espionage groups linked to the Russian government and an endpoint...

10

Technical Analysis: Pacha Group Deploying Undetected Cryptojacking Campaigns on Linux Servers

Introduction Cryptomining malware, also known as cryptojacking or cryptocurrency mining malware, refers to software developed to take over a computer’s resources and...

2

Pacha Group, A New Threat Actor Deploying Undetected Cryptojacking Campaigns on Linux Servers

Key Takeaways: • Intezer has evidence of a new threat actor, calling it Pacha Group, which has been deploying undetected cryptojacking campaigns...

12

ChinaZ Revelations: Revealing ChinaZ Relationships with other Chinese Threat Actor Groups

Introduction Distributed denial-of-service (DDoS) attacks were on the rise in 2018, ranging from a high volume of Mirai attacks to more sophisticated...

Subscribe to our blog Subscribe
© Intezer.com 2021 All rights reserved