The Evolution of IoT Linux Malware Based on MITRE ATT&CK TTPs


In this blog entry, Trend Micro researchers share the findings of an investigation on the internet of things (IoT) Linux malware and analyzed how these malware families have been evolving. Trend Micro relied on the tactics, techniques, and procedures (TTPs) of MITRE ATT&CK to define the malware capabilities and characteristics that we saw.

Trend Micro study showed that IoT Linux malware has been steadily evolving, particularly those that are used to create IoT botnets. Capabilities were both added and removed over time. Notably, neither data exfiltration nor lateral movement has been successful for the authors, and they have pivoted instead to centralized infection.

Read more…
Source: Trend Micro