Blog
Category

Ultra-stealthy Linux backdoor gives remote access to any account

By
Niranjan Maharajh
June 10, 2022
1
min read
Share this post
What makes Symbiote different from other Linux malware that we usually come across, is that it needs to infect other running processes to inflict damage on infected machines. Instead of being a standalone executable file that is run to infect a machine, it is a shared object (SO) library that is loaded into all running processes using LD_PRELOAD (T1574.006), and parasitically infects the machine. Once it has infected all the running processes, it provides the threat actor with rootkit functionality, the ability to harvest credentials, and remote access capability.
Symbiote Evasion Techniques

Source: https://arstechnica.com/information-technology/2022/06/novel-techniques-in-never-before-seen-linux-backdoor-make-it-ultra-stealthy/

READ MORE

Share this post
Niranjan Maharajh

Similar articles

Post-Market Surveillance

Dutch Regulators on Post-Market Surveillance Compliance Issues

The Dutch Health and Youth Care Inspectorate (IGJ) recently conducted inspections of 13 medical device manufacturers based in the Netherlands and found that none fully complied with the Post-Market Surveillance (PMS) requirements outlined in the European Medical Devices Regulation (MDR) and In Vitro Diagnostic Medical Devices Regulation (IVDR).
Niranjan Maharajh
February 16, 2025
15
min read
Post-Market Surveillance

Medical Device Safety: The Rise of Active Postmarket Surveillance

Learn how the FDA is using real-world data to proactively monitor device safety and what it means for patients, providers, and manufacturers.
Irina Smith
January 12, 2025
10
min read
Post-Market Surveillance

Ultra-stealthy Linux backdoor gives remote access to any account

A previously undetectable Linux backdoor combines high levels of access with the ability to scrub any indication of infection from the file system, system activities, and network traffic. It was initially discovered in November and is known as Symbiote.
Niranjan Maharajh
April 1, 2024
1
min read
Post-Market Surveillance

Stolen OAuth tokens used to exfiltrate private data

Stolen OAuth tokens used to exfiltrate private data
Niranjan Maharajh
April 1, 2024
2
min read
View all

Try the Professional Plan Free for 2 Weeks!

Explore all features of PMM for 2 weeks to see how it can simplify your post-market surveillance. If you cancel before the trial ends, your credit card will not be charged

Let's get started

Contact:
support@postmarketmonitor.com
Book a demoBlogPricingContact
Sign InSign Up
Privacy PolicyTerms of Service