Chinese security outfit Qihoo 360 Netlab on Wednesday said it has identified Linux backdoor malware that has remained undetected for a number of years.
The firm said its bot monitoring system spotted on March 25 a suspicious ELF program that interacted with four command-and-control (C2) domains over the TCP HTTPS port 443 even though the protocol used isn't actually TLS/SSL.
"A close look at the sample revealed it to be a backdoor targeting Linux X64 systems, a family that has been around for at least three years," Netlab researchers Alex Turing and Hui Wang said in an advisory.
An MD5 signature for the file systemd-daemon first showed up in VirusTotal back on May 16, 2018 without the detection of any known malware. Two other files named systemd-daemon and gvfsd-helper were spotted over ..
Support the originator by clicking the read the rest link below.
