Antivirus detection is bypassed by a new family of Linux malware


Some have been active for over three years

Cybersecurity researchers have uncovered several malicious Linux binaries that have successfully managed to sneak past most antivirus products.

Upon closer inspection, the researchers at AT&T Alien Labs identified these binaries as modified versions of the open-source Prism backdoor, which has been used in multiple earlier campaigns.

“We have conducted further investigation of the samples and discovered that several campaigns using these malicious executables have managed to remain active and under the radar for more than 3.5 years. The oldest samples Alien Labs can attribute to one of the actors date from the 8th of November, 2017,” note the researchers.

Calling Prism a “simplistic and straightforward” backdoor that’s easy to detect, the researchers note that the fact the modified binaries have managed to evade detection for several years is perhaps a result of the security infrastructure focussing its efforts on bigger campaigns, allowing smaller ones to slip through the gaps.
