A newly discovered Linux malware is being used to stealthily steal information from backdoored Linux systems and infect all running processes on the machine.
Dubbed OrBit by Intezer Labs security researchers who first spotted it, this malware hijacks shared libraries to intercept function calls by modifying the LD_PRELOAD environment variable on compromised devices.
While it can gain persistence using two different methods to block removal attempts, OrBit can also be deployed as a volatile implant when copied into shim-memory.
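A defender-side check for the LD_PRELOAD hijacking described above, added here as an example (it is not code from Intezer Labs or Bleeping Computer): it reads each process's environment from /proc and reports any preloaded libraries. The function names and the list of directories treated as volatile are assumptions.

```python
from pathlib import Path

# Assumption: staging locations treated as volatile or world-writable.
VOLATILE_DIRS = ("/dev/shm/", "/run/shm/", "/tmp/", "/var/tmp/")


def parse_preload(environ_bytes):
    """Return the library paths named by LD_PRELOAD in a NUL-separated environ blob."""
    key = b"LD_PRELOAD="
    for entry in environ_bytes.split(b"\0"):
        if entry.startswith(key):
            value = entry[len(key):].decode("utf-8", "replace")
            # The dynamic loader accepts both colons and spaces as separators.
            return value.replace(":", " ").split()
    return []


def scan_proc(proc_root="/proc"):
    """List every (pid, preloaded library) pair found under proc_root."""
    findings = []
    pid_dirs = [d for d in Path(proc_root).iterdir() if d.name.isdigit()]
    for d in sorted(pid_dirs, key=lambda p: int(p.name)):
        try:
            env = (d / "environ").read_bytes()
        except OSError:
            continue  # process exited, or we lack privilege to read it
        for lib in parse_preload(env):
            findings.append({
                "pid": int(d.name),
                "library": lib,
                # A preload served from a volatile path deserves a closer look.
                "volatile_path": lib.startswith(VOLATILE_DIRS),
            })
    return findings


if __name__ == "__main__":
    for f in scan_proc():
        flag = "VOLATILE" if f["volatile_path"] else "review"
        print(f"[{flag}] pid={f['pid']} LD_PRELOAD={f['library']}")
```

/proc/&lt;pid&gt;/environ reflects the environment a process was started with, so run this as root to cover all processes. Because a preloaded library can hook the calls a dynamically linked tool relies on, results gathered on a suspect host are best confirmed from a trusted environment or offline image.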
Source: Bleeping Computer