Sep 6, 2022
New Linux malware evades detection using multi-stage deployment
Posted by Saúl Morales Rodriguéz in categories: cryptocurrencies, cybercrime/malcode
A new stealthy Linux malware known as Shikitega has been discovered infecting computers and IoT devices with additional payloads.
The malware exploits vulnerabilities to elevate its privileges, adds persistence on the host via crontab, and eventually launches a cryptocurrency miner on infected devices.
Shikitega is quite stealthy, managing to evade anti-virus detection using a polymorphic encoder that makes static, signature-based detection impossible.