Source: cremmoc-e-no-remmiks-bew-erawlam-xunil-yolped-srekcah/ytiruces/swen/moc.retupmocgnipeelb. The uploader might be the linux_avp creator since it was submitted one day after researchers at Dutch cyber-security company Sansec spotted it while investigating the e-commerce site breach. Before we streamed our music, users would rip their albums or download MP3s to listen on their computer using media players. Until now, this backdoor remains undetected by anti-malware engines on VirusTotal even though a sample was first uploaded more than one month ago, on October 8th. Winamp Prepares a Relaunch, New Beta Version Almost Ready Winamp is getting closer to release with a redesigned website, logo, and a new beta signup allowing users to soon test the upcoming version of the media player. The announcement was made by the Winamp team via its official Twitter handle. The release date for the new app is two days away from now as it is launching on April 13. They also discovered that the malware would gain persistence by adding a new crontab entry that would redownload the malicious payload from its command-and-control server and reinstall the backdoor if detected and removed or the server restarts. The major Winamp Player revamp, which has been in the works for a while, is finally almost here. While analyzing the linux_avp backdoor, Sansec found that it waits for commands from a Beijing server hosted on Alibaba's network. Once launched, it immediately removes itself from the disk and camouflages itself as a "ps -ef" process that would be used to get a list of currently-running processes. The Golang-based malware, spotted by Dutch cyber-security company Sansec on the same server, was downloaded and executed on breached servers as a linux_avp executable. Linux malware undetected by security software