Shikitega - New stealthy malware targeting Linux

  • 12 September 2022
  • Community Manager

AT&T Alien Labs has discovered a new malware targeting endpoints and IoT devices that are running Linux operating systems.
Shikitega is delivered in a multistage infection chain where each module responds to a part of the payload and downloads and executes the next one.
An attacker can gain full control of the system, in addition to the cryptocurrency miner that will be executed and set to persist.

The malware downloads and executes Metasploit's "Mettle" meterpreter to maximize its control over infected machines.
Shikitega exploits system vulnerabilities to gain high privileges, persist, and execute a crypto miner.
The malware uses a polymorphic encoder to make it more difficult for anti-virus engines to detect.
Shikitega abuses legitimate cloud services to store some of its command and control servers (C&C).
