Conversation

Michal Malík

@michalmalik

·

Jun 26, 2019

Very nasty Linux backdoor with multiple components https://virustotal.com/gui/file/c69ee0f12a900adc654d93aef9ad23ea56bdfae8513e534e1a11dca6666d10aa/detection… - Kills & uninstalls AV: clamav, avast, avg, drweb, esets - Very persistent - Uses Gates malware - Uses Brootkit - Uses CVE-2016-5195 to get root - Infects other systems from known_hosts, .bash_history

16

420

837

This Tweet was deleted by the Tweet author. Learn more

Wes

@weskerfoot

Plenty of compliance regulations require you to "run antivirus" even if it makes very little sense in your particular situation

2:19 PM · Jun 27, 2019·Twitter Web Client