Symbiote: Undetectable Linux Malware?

It seems like it is being used to target the servers of big businesses. I doubt whether it is of much concern to Linux desktop users. However, it’s certainly worth keeping an eye on.

Cryptojacking comes to mind.

Color me curious: in what way is that the solution to mitigate the Symbiote malware, if posting about it was to seek one at all? :thinking:

Obviously, you need to disconnect from the network, and then that can’t happen. Joking aside, caution is obviously better. Not much is known yet about how this new Linux-based malware will spread. I’ve never seen Linux malware up close in my long career, though I’ve only detected very few viruses on Windows.

Neither have I, but the times are changing.
A few days ago I saw a cryptojacker on a root server mining crypto and consuming 98.6% of CPU.

“The research doesn’t mention how the initial infection occurs, although once it does, it is “very hard to detect,” caution the researchers.”

I guess there’s a reason why they don’t reveal how you get it. Maybe it uses an unknown vulnerability and they wanna give devs some time to fix it before they reveal it to the public. As a security researcher you don’t wanna spread 0-days to the masses immediately.

I don’t think that’s the case. There is a plethora of ways to get in already, so it doesn’t really matter (any 0day, supply chain attack, some very poor opsec on the target’s side, etc.), but once you’re in… :woozy_face:

So Blackberry can sell security services. BB has been following me since.

You are right, the security is at the door, but once it’s in… :roll_eyes:

Yeah, you’re right, times are changing. How to get a cryptojacker to root server?


xmrig - popularity 0.39 :thinking:

Popular with who?

Perhaps we should stop discussing ways to do things that people really shouldn’t be doing :melting_face:.


Well, you have to be careful at the AUR.