How to analyze Linux malware – A case study of Symbiote

Summary: Symbiote is a Linux threat that hooks libc and libpcap functions to hide its malicious activity. The malware hides the processes and files used during that activity by implementing two functions called hidden_proc and hidden_file. It can also hide network connections based on a list of ports and by hijacking any injected packet […]
