Uptycs' threat research team has observed several instances of Linux malware in which attackers leverage built-in commands and utilities for a wide range of malicious activities. This article explores the Linux commands and utilities commonly used by attackers and how you can use Uptycs EDR detection capabilities to find out whether they have been used in your environment.

In Linux, many utilities and commands are available by default. Once an adversary gains access to a system, they can leverage these commands and utilities to get their malware loaded and running quickly with full system privileges. And because the same commands and utilities are used by legitimate users every day, it can be extremely difficult to detect when they have been used for malicious purposes. Using data sources from customer telemetry, MITRE mapping of detection alerts, threat intelligence systems and our in-house osquery-based sandbox, we identified around 25 commands and utilities that are most commonly used by attackers.

The link for this article, located at the Uptycs Blog, is no longer available.

Linux systems are common targets for attackers, making it vital to understand the commands used in attacks and how to detect them for better security with Uptycs EDR.

LinuxSecurity.com Team