New Linux malware is ‘almost impossible’ to detect

A joint research effort has led to the discovery of Symbiote, a new form of Linux malware that is “almost impossible” to detect.

On Thursday, researchers from BlackBerry Threat Research & Intelligence team, together with Intezer security researcher Joakim Kennedy, published a blog post on the malware – dubbed Symbiote because of its “parasitic nature.”

The team discovered Symbiote several months ago. Symbiote differs from today’s typical Linux malware, which normally will attempt to compromise running processes, and instead acts as a shared object (SO) library that is loaded on all running processes via LD_PRELOAD.

Read more…
Source: ZDNet