AT&T Alien Labs has discovered a new malware targeting endpoints and IoT devices that are running Linux operating systems.
Shikitega is delivered in a multistage infection chain where each module responds to a part of the payload and downloads and executes the next one.
In addition to the cryptocurrency miner that will be executed and set to persist, an attacker can gain full control of the system.
The malware downloads and executes Metasploit's "Mettle" meterpreter to maximize its control over infected machines.
Shikitega exploits system vulnerabilities to gain high privileges, persist, and execute a crypto miner.
The malware uses a polymorphic encoder to make it more difficult to detect by anti-virus engines.
Shikitega abuses legitimate cloud services to store some of its command and control servers (C&C).
Shikitega - New stealthy malware targeting Linux
