Security researchers have found a new strain of Linux malware that appears to have been created by Chinese hackers and has been used to remotely control infected systems. Named HiddenWasp, the malware is composed of a user-mode rootkit, a trojan, and an initial deployment script.
Newly discovered HiddenWasp Linux malware shares similarities with DDoS malware, but is actually a backdoor, @ulexec found https://t.co/0jpRUEUGEn
— Virus Bulletin (@virusbtn) May 30, 2019
Expert Comments:
Tom Hegel, Security Researcher at AT&T Alien Labs:
.
Tim Erlin, VP, Product Management and Strategy at Tripwire:
“HiddenWasp isn’t unique in its technology, other than being targeted at Linux. If you’re monitoring your Linux systems for changes to critical files, or for new files appearing, or for other suspicious changes, you’re likely to identify malware like HiddenWasp. You might not know what it is at first, but catching the changes this malware makes will give you an edge on mean time to recovery.”
The opinions expressed in this article belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.