Whitepaper summary

ESET - The Dark Side of the ForSSHe

A little more than three years ago we started hunting for OpenSSH backdoors being used in the wild. While we are always trying to improve defenses against Linux malware by discovering and analyzing examples, the scope of this hunt was specifically to catch server-side OpenSSH backdoors. Unfortunately, telemetry on Linux malware is not as readily available as it is on other platforms. Nonetheless, malicious OpenSSH binaries are quite common and have features that help us detect them among legitimate OpenSSH binaries. While, as soon as we got them, we used the samples collected to improve our detection, we only began sorting and analyzing them in 2018. Surprisingly, we discovered many new backdoor families that had never been documented before. We tried to gather as much information about each family we uncovered — for example, by leaking the credentials for honeypots we monitor to the attackers. This paper is the result of this research and contains indicators of compromise that could help identify compromised servers.

Details:
Publication date: 08-02-2019
File type: pdf
Document: Whitepaper
Language: EN
Published by: ESET
