Stealthy RotaJakiro backdoor malware targeting Linux for 3 years

New RotaJakiro Stealthy Linux Malware With System Backdoor Capabilities Went Unnoticed for 3 Years.


Qihoo 360’s Network Security Research Lab, aka 360 NetLab, has discovered a new Linux malware with notable backdoor capabilities. The malware is dubbed RotaJakiro, and it allows attackers to steal and exfiltrate sensitive system data from compromised devices.


Reportedly, RotaJakiro operates stealthily and encrypts all of its communication channels using a combination of ROTATE, XOR and AES encryption together with ZLIB compression.


Malware Remained Undetected for Three Years


Research revealed that the RotaJakiro malware successfully avoided detection during the three years it has been active. Even though a sample was uploaded to VirusTotal in 2018, none of its anti-malware engines flagged it in all those years.


In March 2021, 360 NetLab researchers discovered four samples of the malware. All of these had so far gone undetected by anti-malware engines, and only seven security vendors flagged the malware’s latest version as malicious.

RotaJakiro Attacks Linux X64 Machines


It also hampers inspection by malware analysts: in the sample found by 360 NetLab’s BotMon system, the resource information was encrypted with the AES algorithm.

