René's URL Explorer Experiment


Title: GitHub - timb-machine/linux-malware: Tracking interesting Linux (and UNIX) malware. Send PRs · GitHub

Open Graph Title: GitHub - timb-machine/linux-malware: Tracking interesting Linux (and UNIX) malware. Send PRs

X Title: GitHub - timb-machine/linux-malware: Tracking interesting Linux (and UNIX) malware. Send PRs

Description: Tracking interesting Linux (and UNIX) malware. Send PRs - timb-machine/linux-malware

Open Graph Description: Tracking interesting Linux (and UNIX) malware. Send PRs - timb-machine/linux-malware

X Description: Tracking interesting Linux (and UNIX) malware. Send PRs - timb-machine/linux-malware

Opengraph URL: https://github.com/timb-machine/linux-malware

X: @github

direct link

Domain: github.com

route-pattern/:user_id/:repository
route-controllerfiles
route-actiondisambiguate
fetch-noncev2:8ac0a9b3-a8e9-47dc-83be-620ba3840b72
current-catalog-service-hashf3abb0cc802f3d7b95fc8762b94bdcb13bf39634c40c357301c4aa1d67a256fb
request-idCFD6:37764A:C61CF2:10911A2:6A4C545E
html-safe-nonce25e7b3698b71beb716b67974c06df64d0702b64464618a236e922290798468fd
visitor-payloadeyJyZWZlcnJlciI6IiIsInJlcXVlc3RfaWQiOiJDRkQ2OjM3NzY0QTpDNjFDRjI6MTA5MTFBMjo2QTRDNTQ1RSIsInZpc2l0b3JfaWQiOiIxMzI5NDY3MTg1MDY0MzM0NDMxIiwicmVnaW9uX2VkZ2UiOiJpYWQiLCJyZWdpb25fcmVuZGVyIjoiaWFkIn0=
visitor-hmaca6359ae17776b0ead90c5b48ccc764c9ec8c98001897f285fa1bd470e52d8e8d
hovercard-subject-tagrepository:387909635
github-keyboard-shortcutsrepository,copilot
google-site-verificationApib7-x98H0j5cPqHWwSMm6dNU4GmODRoqxLiDzdx9I
octolytics-urlhttps://collector.github.com/github/collect
analytics-location//
fb:app_id1401488693436528
apple-itunes-appapp-id=1477376905, app-argument=https://github.com/timb-machine/linux-malware
twitter:imagehttps://opengraph.githubassets.com/7ef7ac1f2ce8c3988bc1258ba43de34a4a4dc09e7eaa5fbb1ccb099a182fa8f9/timb-machine/linux-malware
twitter:cardsummary_large_image
og:imagehttps://opengraph.githubassets.com/7ef7ac1f2ce8c3988bc1258ba43de34a4a4dc09e7eaa5fbb1ccb099a182fa8f9/timb-machine/linux-malware
og:image:altTracking interesting Linux (and UNIX) malware. Send PRs - timb-machine/linux-malware
og:image:width1200
og:image:height600
og:site_nameGitHub
og:typeobject
hostnamegithub.com
expected-hostnamegithub.com
None3d11bb817438277de2a940854450e83a7d32b6aeb5014e9e6b00a6423900251c
turbo-cache-controlno-cache
go-importgithub.com/timb-machine/linux-malware git https://github.com/timb-machine/linux-malware.git
octolytics-dimension-user_id13330917
octolytics-dimension-user_logintimb-machine
octolytics-dimension-repository_id387909635
octolytics-dimension-repository_nwotimb-machine/linux-malware
octolytics-dimension-repository_publictrue
octolytics-dimension-repository_is_forkfalse
octolytics-dimension-repository_network_root_id387909635
octolytics-dimension-repository_network_root_nwotimb-machine/linux-malware
turbo-body-classeslogged-out env-production page-responsive
disable-turbofalse
browser-stats-urlhttps://api.github.com/_private/browser/stats
browser-errors-urlhttps://api.github.com/_private/browser/errors
release14099438da5379150f15a2892474c7c7e6c0e55e
ui-targetfull
theme-color#1e2327
color-schemelight dark

Links:

Skip to contenthttps://github.com/timb-machine/linux-malware#start-of-content
https://github.com/
Sign in https://github.com/login?return_to=https%3A%2F%2Fgithub.com%2Ftimb-machine%2Flinux-malware
GitHub CopilotWrite better code with AIhttps://github.com/features/copilot
GitHub Copilot appDirect agents from issue to mergehttps://github.com/features/ai/github-app
MCP RegistryNewIntegrate external toolshttps://github.com/mcp
ActionsAutomate any workflowhttps://github.com/features/actions
CodespacesInstant dev environmentshttps://github.com/features/codespaces
IssuesPlan and track workhttps://github.com/features/issues
Code ReviewManage code changeshttps://github.com/features/code-review
GitHub Advanced SecurityFind and fix vulnerabilitieshttps://github.com/security/advanced-security
Code securitySecure your code as you buildhttps://github.com/security/advanced-security/code-security
Secret protectionStop leaks before they starthttps://github.com/security/advanced-security/secret-protection
Why GitHubhttps://github.com/why-github
Documentationhttps://docs.github.com
Bloghttps://github.blog
Changeloghttps://github.blog/changelog
Marketplacehttps://github.com/marketplace
View all featureshttps://github.com/features
Enterpriseshttps://github.com/enterprise
Small and medium teamshttps://github.com/team
Startupshttps://github.com/enterprise/startups
Nonprofitshttps://github.com/solutions/industry/nonprofits
App Modernizationhttps://github.com/solutions/use-case/app-modernization
DevSecOpshttps://github.com/solutions/use-case/devsecops
DevOpshttps://github.com/solutions/use-case/devops
CI/CDhttps://github.com/solutions/use-case/ci-cd
View all use caseshttps://github.com/solutions/use-case
Healthcarehttps://github.com/solutions/industry/healthcare
Financial serviceshttps://github.com/solutions/industry/financial-services
Manufacturinghttps://github.com/solutions/industry/manufacturing
Governmenthttps://github.com/solutions/industry/government
View all industrieshttps://github.com/solutions/industry
View all solutionshttps://github.com/solutions
AIhttps://github.com/resources/articles?topic=ai
Software Developmenthttps://github.com/resources/articles?topic=software-development
DevOpshttps://github.com/resources/articles?topic=devops
Securityhttps://github.com/resources/articles?topic=security
View all topicshttps://github.com/resources/articles
Customer storieshttps://github.com/customer-stories
Events & webinarshttps://github.com/resources/events
Ebooks & reportshttps://github.com/resources/whitepapers
Business insightshttps://github.com/solutions/executive-insights
GitHub Skillshttps://skills.github.com
Documentationhttps://docs.github.com
Customer supporthttps://support.github.com
Community forumhttps://github.com/orgs/community/discussions
Trust centerhttps://github.com/trust-center
Partnershttps://github.com/partners
View all resourceshttps://github.com/resources
GitHub SponsorsFund open source developershttps://github.com/sponsors
Security Labhttps://securitylab.github.com
Maintainer Communityhttps://maintainers.github.com
Acceleratorhttps://github.com/accelerator
GitHub Starshttps://stars.github.com
Archive Programhttps://archiveprogram.github.com
Topicshttps://github.com/topics
Trendinghttps://github.com/trending
Collectionshttps://github.com/collections
Enterprise platformAI-powered developer platformhttps://github.com/enterprise
GitHub Advanced SecurityEnterprise-grade security featureshttps://github.com/security/advanced-security
Copilot for BusinessEnterprise-grade AI featureshttps://github.com/features/copilot/copilot-business
Premium SupportEnterprise-grade 24/7 supporthttps://github.com/premium-support
Pricinghttps://github.com/pricing
Search syntax tipshttps://docs.github.com/search-github/github-code-search/understanding-github-code-search-syntax
documentationhttps://docs.github.com/search-github/github-code-search/understanding-github-code-search-syntax
Sign in https://github.com/login?return_to=https%3A%2F%2Fgithub.com%2Ftimb-machine%2Flinux-malware
Sign up https://github.com/signup?ref_cta=Sign+up&ref_loc=header+logged+out&ref_page=%2F%3Cuser-name%3E%2F%3Crepo-name%3E&source=header-repo&source_repo=timb-machine%2Flinux-malware
Reloadhttps://github.com/timb-machine/linux-malware
Reloadhttps://github.com/timb-machine/linux-malware
Reloadhttps://github.com/timb-machine/linux-malware
timb-machine https://github.com/timb-machine
linux-malwarehttps://github.com/timb-machine/linux-malware
Notifications https://github.com/login?return_to=%2Ftimb-machine%2Flinux-malware
Fork 94 https://github.com/login?return_to=%2Ftimb-machine%2Flinux-malware
Star 1.2k https://github.com/login?return_to=%2Ftimb-machine%2Flinux-malware
Code https://github.com/timb-machine/linux-malware
Issues 793 https://github.com/timb-machine/linux-malware/issues
Pull requests 1 https://github.com/timb-machine/linux-malware/pulls
Actions https://github.com/timb-machine/linux-malware/actions
Security and quality 0 https://github.com/timb-machine/linux-malware/security
Insights https://github.com/timb-machine/linux-malware/pulse
Code https://github.com/timb-machine/linux-malware
Issues https://github.com/timb-machine/linux-malware/issues
Pull requests https://github.com/timb-machine/linux-malware/pulls
Actions https://github.com/timb-machine/linux-malware/actions
Security and quality https://github.com/timb-machine/linux-malware/security
Insights https://github.com/timb-machine/linux-malware/pulse
https://github.com/timb-machine/linux-malware
Brancheshttps://github.com/timb-machine/linux-malware/branches
Tagshttps://github.com/timb-machine/linux-malware/tags
https://github.com/timb-machine/linux-malware/branches
https://github.com/timb-machine/linux-malware/tags
720 Commitshttps://github.com/timb-machine/linux-malware/commits/main/
https://github.com/timb-machine/linux-malware/commits/main/
.githubhttps://github.com/timb-machine/linux-malware/tree/main/.github
.githubhttps://github.com/timb-machine/linux-malware/tree/main/.github
articleshttps://github.com/timb-machine/linux-malware/tree/main/articles
articleshttps://github.com/timb-machine/linux-malware/tree/main/articles
defensivehttps://github.com/timb-machine/linux-malware/tree/main/defensive
defensivehttps://github.com/timb-machine/linux-malware/tree/main/defensive
dochttps://github.com/timb-machine/linux-malware/tree/main/doc
dochttps://github.com/timb-machine/linux-malware/tree/main/doc
intelhttps://github.com/timb-machine/linux-malware/tree/main/intel
intelhttps://github.com/timb-machine/linux-malware/tree/main/intel
malwarehttps://github.com/timb-machine/linux-malware/tree/main/malware
malwarehttps://github.com/timb-machine/linux-malware/tree/main/malware
offensivehttps://github.com/timb-machine/linux-malware/tree/main/offensive
offensivehttps://github.com/timb-machine/linux-malware/tree/main/offensive
srchttps://github.com/timb-machine/linux-malware/tree/main/src
srchttps://github.com/timb-machine/linux-malware/tree/main/src
.gitmoduleshttps://github.com/timb-machine/linux-malware/blob/main/.gitmodules
.gitmoduleshttps://github.com/timb-machine/linux-malware/blob/main/.gitmodules
ATT&CK.mdhttps://github.com/timb-machine/linux-malware/blob/main/ATT%26CK.md
ATT&CK.mdhttps://github.com/timb-machine/linux-malware/blob/main/ATT%26CK.md
COPYINGhttps://github.com/timb-machine/linux-malware/blob/main/COPYING
COPYINGhttps://github.com/timb-machine/linux-malware/blob/main/COPYING
README.mdhttps://github.com/timb-machine/linux-malware/blob/main/README.md
README.mdhttps://github.com/timb-machine/linux-malware/blob/main/README.md
READMEhttps://github.com/timb-machine/linux-malware
Unlicense licensehttps://github.com/timb-machine/linux-malware
linux-malwarehttps://en.wikipedia.org/wiki/Linux_malware
https://github.com/timb-machine/linux-malware#linux-malware
https://camo.githubusercontent.com/5e32f5d92ba0146dd1fe69f55b0dabc964845e0859b19372b72ecf63f4798ed9/68747470733a2f2f696d672e736869656c64732e696f2f6769746875622f6c6173742d636f6d6d69742f74696d622d6d616368696e652f6c696e75782d6d616c776172653f7374796c653d666f722d7468652d6261646765
https://camo.githubusercontent.com/0b9a293ae57bf6569cdec0ded9f42ec55ac2f3b8b1cfa4505b40c7d721ae97ed/68747470733a2f2f696d672e736869656c64732e696f2f62616467652f7372632d7075626c69632d7768697465
https://github.com/timb-machine/linux-malware/blob/main/src/images/linux_kernel_panic_0.png
Rolling 7 day view of updates from this repohttps://github.com/timb-machine/linux-malware/compare/main@%7B7day%7D...main
Submissions?https://github.com/timb-machine/linux-malware/blob/main/doc/HACKING
https://github.com/timb-machine/linux-malware#pressacademia
https://en.wikipedia.org/wiki/Linux_malwarehttps://en.wikipedia.org/wiki/Linux_malware
#17https://github.com/timb-machine/linux-malware/issues/17
https://rp.os3.nl/https://rp.os3.nl/
#30https://github.com/timb-machine/linux-malware/issues/30
https://wikileaks.org/vault7/https://wikileaks.org/vault7/
#31https://github.com/timb-machine/linux-malware/issues/31
https://www.linuxexperten.com/library/e-resources/linux-malware-ever-growing-list-2023https://www.linuxexperten.com/library/e-resources/linux-malware-ever-growing-list-2023
#622https://github.com/timb-machine/linux-malware/issues/622
https://doublepulsar.com/bpfdoor-an-active-chinese-global-surveillance-tool-54b078f1a896https://doublepulsar.com/bpfdoor-an-active-chinese-global-surveillance-tool-54b078f1a896
#422https://github.com/timb-machine/linux-malware/issues/422
#420https://github.com/timb-machine/linux-malware/issues/420
#418https://github.com/timb-machine/linux-malware/issues/418
https://securelist.com/top-10-unattributed-apt-mysteries/107676/https://securelist.com/top-10-unattributed-apt-mysteries/107676/
#552https://github.com/timb-machine/linux-malware/issues/552
https://www.blackberry.com/us/en/pdfviewer?file=/content/dam/blackberry-com/asset/enterprise/pdf/direct/report-bb-2021-threat-report.pdfhttps://www.blackberry.com/us/en/pdfviewer?file=/content/dam/blackberry-com/asset/enterprise/pdf/direct/report-bb-2021-threat-report.pdf
#20https://github.com/timb-machine/linux-malware/issues/20
https://www.trendmicro.com/vinfo/us/security/news/cybercrime-and-digital-threats/linux-threat-report-2021-1h-linux-threats-in-the-cloud-and-security-recommendationshttps://www.trendmicro.com/vinfo/us/security/news/cybercrime-and-digital-threats/linux-threat-report-2021-1h-linux-threats-in-the-cloud-and-security-recommendations
#32https://github.com/timb-machine/linux-malware/issues/32
https://www.bleepingcomputer.com/news/security/lockbit-ransomware-encryptors-found-targeting-mac-devices/https://www.bleepingcomputer.com/news/security/lockbit-ransomware-encryptors-found-targeting-mac-devices/
#638https://github.com/timb-machine/linux-malware/issues/638
#644https://github.com/timb-machine/linux-malware/issues/644
https://www.zdnet.com/article/hacker-exposes-thousands-of-insecure-desktops-that-anyone-can-remotely-view/https://www.zdnet.com/article/hacker-exposes-thousands-of-insecure-desktops-that-anyone-can-remotely-view/
#33https://github.com/timb-machine/linux-malware/issues/33
https://www.darkreading.com/attacks-breaches/blackcat-purveyor-shows-ransomware-operators-have-nine-liveshttps://www.darkreading.com/attacks-breaches/blackcat-purveyor-shows-ransomware-operators-have-nine-lives
#41https://github.com/timb-machine/linux-malware/issues/41
#512https://github.com/timb-machine/linux-malware/issues/512
https://www.trendmicro.com/en_us/research/21/l/the-evolution-of-iot-linux-malware-based-on-mitre-att&ck-ttps.htmlhttps://www.trendmicro.com/en_us/research/21/l/the-evolution-of-iot-linux-malware-based-on-mitre-att&ck-ttps.html
#37https://github.com/timb-machine/linux-malware/issues/37
https://reyammer.io/publications/2018_oakland_linuxmalware.pdfhttps://reyammer.io/publications/2018_oakland_linuxmalware.pdf
#28https://github.com/timb-machine/linux-malware/issues/28
https://www.group-ib.com/resources/threat-research/oldgremlin.htmlhttps://www.group-ib.com/resources/threat-research/oldgremlin.html
#573https://github.com/timb-machine/linux-malware/issues/573
https://malpedia.caad.fkie.fraunhofer.de/https://malpedia.caad.fkie.fraunhofer.de/
#29https://github.com/timb-machine/linux-malware/issues/29
https://www.crowdstrike.com/blog/linux-targeted-malware-increased-by-35-percent-in-2021/https://www.crowdstrike.com/blog/linux-targeted-malware-increased-by-35-percent-in-2021/
#40https://github.com/timb-machine/linux-malware/issues/40
https://www.blackberry.com/us/en/pdfviewer?file=/content/dam/blackberry-com/asset/enterprise/pdf/direct/report-bb-decade-of-the-rats.pdfhttps://www.blackberry.com/us/en/pdfviewer?file=/content/dam/blackberry-com/asset/enterprise/pdf/direct/report-bb-decade-of-the-rats.pdf
#21https://github.com/timb-machine/linux-malware/issues/21
https://ieeexplore.ieee.org/document/8418602https://ieeexplore.ieee.org/document/8418602
#25https://github.com/timb-machine/linux-malware/issues/25
https://www.intezer.com/blog/cloud-security/top-linux-cloud-threats-of-2020/https://www.intezer.com/blog/cloud-security/top-linux-cloud-threats-of-2020/
#22https://github.com/timb-machine/linux-malware/issues/22
https://www.fireeye.com/blog/threat-research/2021/09/elfant-in-the-room-capa-v3.htmlhttps://www.fireeye.com/blog/threat-research/2021/09/elfant-in-the-room-capa-v3.html
#34https://github.com/timb-machine/linux-malware/issues/34
https://github.com/CiscoCXSecurity/presentations/raw/master/The%20UNIX%20malware%20landscape%20-%20Reviewing%20the%20goods%20at%20MALWAREbazaar%20v5.pdfhttps://github.com/CiscoCXSecurity/presentations/raw/master/The%20UNIX%20malware%20landscape%20-%20Reviewing%20the%20goods%20at%20MALWAREbazaar%20v5.pdf
#448https://github.com/timb-machine/linux-malware/issues/448
https://www.welivesecurity.com/wp-content/uploads/2018/12/ESET-The_Dark_Side_of_the_ForSSHe.pdfhttps://www.welivesecurity.com/wp-content/uploads/2018/12/ESET-The_Dark_Side_of_the_ForSSHe.pdf
#23https://github.com/timb-machine/linux-malware/issues/23
https://securelist.com/an-overview-of-targeted-attacks-and-apts-on-linux/98440/https://securelist.com/an-overview-of-targeted-attacks-and-apts-on-linux/98440/
#19https://github.com/timb-machine/linux-malware/issues/19
https://www.vmware.com/content/dam/digitalmarketing/vmware/en/pdf/docs/vmw-exposing-malware-in-linux-based-multi-cloud-environments.pdfhttps://www.vmware.com/content/dam/digitalmarketing/vmware/en/pdf/docs/vmw-exposing-malware-in-linux-based-multi-cloud-environments.pdf
#101https://github.com/timb-machine/linux-malware/issues/101
#546https://github.com/timb-machine/linux-malware/issues/546
#545https://github.com/timb-machine/linux-malware/issues/545
#547https://github.com/timb-machine/linux-malware/issues/547
#548https://github.com/timb-machine/linux-malware/issues/548
#549https://github.com/timb-machine/linux-malware/issues/549
http://s3.eurecom.fr/~invano/slides/recon18_linux_malware.pdfhttp://s3.eurecom.fr/~invano/slides/recon18_linux_malware.pdf
#27https://github.com/timb-machine/linux-malware/issues/27
https://www.pwc.com/gx/en/issues/cybersecurity/cyber-threat-intelligence/cyber-year-in-retrospect/yir-cyber-threats-report-download.pdfhttps://www.pwc.com/gx/en/issues/cybersecurity/cyber-threat-intelligence/cyber-year-in-retrospect/yir-cyber-threats-report-download.pdf
#417https://github.com/timb-machine/linux-malware/issues/417
https://blog.trendmicro.com/trendlabs-security-intelligence/unix-a-game-changer-in-the-ransomware-landscape/https://blog.trendmicro.com/trendlabs-security-intelligence/unix-a-game-changer-in-the-ransomware-landscape/
#35https://github.com/timb-machine/linux-malware/issues/35
https://en.wikipedia.org/wiki/Mirai_(malware)https://en.wikipedia.org/wiki/Mirai_(malware)
#18https://github.com/timb-machine/linux-malware/issues/18
https://gist.github.com/vlamer/2c2ec2ca80a84ab21a32https://gist.github.com/vlamer/2c2ec2ca80a84ab21a32
#26https://github.com/timb-machine/linux-malware/issues/26
https://www.botconf.eu/wp-content/uploads/2018/12/2018-R-Dumont-H-Porcher-dark_side_of_the_forsshe.pdfhttps://www.botconf.eu/wp-content/uploads/2018/12/2018-R-Dumont-H-Porcher-dark_side_of_the_forsshe.pdf
#24https://github.com/timb-machine/linux-malware/issues/24
https://spectrum.ieee.org/amp/mirai-botnet-2659993631https://spectrum.ieee.org/amp/mirai-botnet-2659993631
#676https://github.com/timb-machine/linux-malware/issues/676
https://github.com/timb-machine/linux-malware#in-the-wild
https://github.com/timb-machine/linux-malware#breach-reports
https://www.volexity.com/blog/2022/06/02/zero-day-exploitation-of-atlassian-confluence/https://www.volexity.com/blog/2022/06/02/zero-day-exploitation-of-atlassian-confluence/
#446https://github.com/timb-machine/linux-malware/issues/446
https://permiso.io/blog/s/unmasking-guivil-new-cloud-threat-actor/https://permiso.io/blog/s/unmasking-guivil-new-cloud-threat-actor/
#677https://github.com/timb-machine/linux-malware/issues/677
https://www.freedownloadmanager.org/blog/?p=664https://www.freedownloadmanager.org/blog/?p=664
#765https://github.com/timb-machine/linux-malware/issues/765
#766https://github.com/timb-machine/linux-malware/issues/766
#816https://github.com/timb-machine/linux-malware/issues/816
http://securelist.com/backdoored-free-download-manager-linux-malware/110465/http://securelist.com/backdoored-free-download-manager-linux-malware/110465/
#766https://github.com/timb-machine/linux-malware/issues/766
#765https://github.com/timb-machine/linux-malware/issues/765
#816https://github.com/timb-machine/linux-malware/issues/816
https://twitter.com/1ZRR4H/status/1560662815400407040https://twitter.com/1ZRR4H/status/1560662815400407040
#507https://github.com/timb-machine/linux-malware/issues/507
https://www.sec.gov/Archives/edgar/data/1609711/000160971121000122/gddyblogpostnov222021.htmhttps://www.sec.gov/Archives/edgar/data/1609711/000160971121000122/gddyblogpostnov222021.htm
#42https://github.com/timb-machine/linux-malware/issues/42
https://bitbucket.org/workspacespain/i-s00n-translatedhttps://bitbucket.org/workspacespain/i-s00n-translated
#799https://github.com/timb-machine/linux-malware/issues/799
https://github.com/timb-machine/linux-malware#supply-chain-attacks
https://www.heise.de/security/meldung/Achtung-Anzeigen-Server-OpenX-enthaelt-eine-Hintertuer-1929769.htmlhttps://www.heise.de/security/meldung/Achtung-Anzeigen-Server-OpenX-enthaelt-eine-Hintertuer-1929769.html
#295https://github.com/timb-machine/linux-malware/issues/295
https://arstechnica.com/information-technology/2012/09/questions-abound-as-malicious-phpmyadmin-backdoor-found-on-sourceforge-site/https://arstechnica.com/information-technology/2012/09/questions-abound-as-malicious-phpmyadmin-backdoor-found-on-sourceforge-site/
#47https://github.com/timb-machine/linux-malware/issues/47
https://lists.archlinux.org/pipermail/aur-general/2018-July/034169.htmlhttps://lists.archlinux.org/pipermail/aur-general/2018-July/034169.html
#523https://github.com/timb-machine/linux-malware/issues/523
#525https://github.com/timb-machine/linux-malware/issues/525
https://lwn.net/Articles/371110/https://lwn.net/Articles/371110/
#291https://github.com/timb-machine/linux-malware/issues/291
https://news.ycombinator.com/item?id=17501379https://news.ycombinator.com/item?id=17501379
#525https://github.com/timb-machine/linux-malware/issues/525
https://dev.horde.org/h/jonah/stories/view.php?channel_id=1&id=155https://dev.horde.org/h/jonah/stories/view.php?channel_id=1&id=155
#46https://github.com/timb-machine/linux-malware/issues/46
https://portswigger.net/daily-swig/homebrew-bug-allowed-researcher-full-access-to-github-reposhttps://portswigger.net/daily-swig/homebrew-bug-allowed-researcher-full-access-to-github-repos
#290https://github.com/timb-machine/linux-malware/issues/290
https://securelist.com/beware-of-backdoored-linux-mint-isos/73893/https://securelist.com/beware-of-backdoored-linux-mint-isos/73893/
#543https://github.com/timb-machine/linux-malware/issues/543
https://github.com/SecurityFail/kompromathttps://github.com/SecurityFail/kompromat
#813https://github.com/timb-machine/linux-malware/issues/813
https://blog.phylum.io/dozens-of-npm-packages-caught-attempting-to-deploy-reverse-shell/https://blog.phylum.io/dozens-of-npm-packages-caught-attempting-to-deploy-reverse-shell/
#787https://github.com/timb-machine/linux-malware/issues/787
canonical/snapcraft.io#651https://github.com/canonical/snapcraft.io/issues/651
#296https://github.com/timb-machine/linux-malware/issues/296
https://www.rapid7.com/db/modules/exploit/unix/irc/unreal_ircd_3281_backdoor/https://www.rapid7.com/db/modules/exploit/unix/irc/unreal_ircd_3281_backdoor/
#45https://github.com/timb-machine/linux-malware/issues/45
https://securitylab.github.com/research/octopus-scanner-malware-open-source-supply-chain/https://securitylab.github.com/research/octopus-scanner-malware-open-source-supply-chain/
#289https://github.com/timb-machine/linux-malware/issues/289
http://www.h-online.com/open/news/item/MyBB-downloads-were-infected-1366300.htmlhttp://www.h-online.com/open/news/item/MyBB-downloads-were-infected-1366300.html
#292https://github.com/timb-machine/linux-malware/issues/292
https://lirantal.medium.com/a-snyks-post-mortem-of-the-malicious-event-stream-npm-package-backdoor-40be813022bbhttps://lirantal.medium.com/a-snyks-post-mortem-of-the-malicious-event-stream-npm-package-backdoor-40be813022bb
#293https://github.com/timb-machine/linux-malware/issues/293
https://blog.sonatype.com/newly-found-npm-malware-mines-cryptocurrency-on-windows-linux-macos-deviceshttps://blog.sonatype.com/newly-found-npm-malware-mines-cryptocurrency-on-windows-linux-macos-devices
#294https://github.com/timb-machine/linux-malware/issues/294
https://scarybeastsecurity.blogspot.com/2011/07/alert-vsftpd-download-backdoored.htmlhttps://scarybeastsecurity.blogspot.com/2011/07/alert-vsftpd-download-backdoored.html
#49https://github.com/timb-machine/linux-malware/issues/49
https://arstechnica.com/security/2023/09/password-stealing-linux-malware-served-for-3-years-and-no-one-noticed/https://arstechnica.com/security/2023/09/password-stealing-linux-malware-served-for-3-years-and-no-one-noticed/
#816https://github.com/timb-machine/linux-malware/issues/816
#765https://github.com/timb-machine/linux-malware/issues/765
#766https://github.com/timb-machine/linux-malware/issues/766
https://blog.sonatype.com/pypi-package-secretslib-drops-fileless-linux-malware-to-mine-monerohttps://blog.sonatype.com/pypi-package-secretslib-drops-fileless-linux-malware-to-mine-monero
#495https://github.com/timb-machine/linux-malware/issues/495
https://www.aldeid.com/wiki/Exploits/proftpd-1.3.3c-backdoorhttps://www.aldeid.com/wiki/Exploits/proftpd-1.3.3c-backdoor
#44https://github.com/timb-machine/linux-malware/issues/44
https://www.webmin.com/exploit.htmlhttps://www.webmin.com/exploit.html
#43https://github.com/timb-machine/linux-malware/issues/43
https://portswigger.net/daily-swig/backdoor-planted-in-php-git-repository-after-server-hackhttps://portswigger.net/daily-swig/backdoor-planted-in-php-git-repository-after-server-hack
#48https://github.com/timb-machine/linux-malware/issues/48
https://github.com/timb-machine/linux-malware#malware-reports
https://www.deepinstinct.com/blog/bpfdoor-malware-evolves-stealthy-sniffing-backdoor-ups-its-gamehttps://www.deepinstinct.com/blog/bpfdoor-malware-evolves-stealthy-sniffing-backdoor-ups-its-game
#658https://github.com/timb-machine/linux-malware/issues/658
/malware/binaries/BPFDoorhttps://github.com/timb-machine/linux-malware/tree/main/malware/binaries/BPFDoor
https://blogs-jpcert-or-jp.translate.goog/ja/2023/07/dangerouspassword_dev.htmlhttps://blogs-jpcert-or-jp.translate.goog/ja/2023/07/dangerouspassword_dev.html
#721https://github.com/timb-machine/linux-malware/issues/721
https://blogs.blackberry.com/en/2020/06/threat-spotlight-tycoon-ransomware-targets-education-and-software-sectorshttps://blogs.blackberry.com/en/2020/06/threat-spotlight-tycoon-ransomware-targets-education-and-software-sectors
#305https://github.com/timb-machine/linux-malware/issues/305
https://www.akamai.com/blog/security-research/updated-kmsdbot-binary-targeting-iothttps://www.akamai.com/blog/security-research/updated-kmsdbot-binary-targeting-iot
#744https://github.com/timb-machine/linux-malware/issues/744
https://media.defense.gov/2020/Aug/13/2002476465/-1/-1/0/CSA_DROVORUB_RUSSIAN_GRU_MALWARE_AUG_2020.PDFhttps://media.defense.gov/2020/Aug/13/2002476465/-1/-1/0/CSA_DROVORUB_RUSSIAN_GRU_MALWARE_AUG_2020.PDF
#67https://github.com/timb-machine/linux-malware/issues/67
https://www.countercraftsec.com/blog/a-step-by-step-bpfdoor-compromise/https://www.countercraftsec.com/blog/a-step-by-step-bpfdoor-compromise/
#643https://github.com/timb-machine/linux-malware/issues/643
/malware/binaries/BPFDoorhttps://github.com/timb-machine/linux-malware/tree/main/malware/binaries/BPFDoor
https://hybrid-analysis.com/sample/eb8826bac873442045a6a05f1fa25b410ca18db6942053f6d146467c00d5338dhttps://hybrid-analysis.com/sample/eb8826bac873442045a6a05f1fa25b410ca18db6942053f6d146467c00d5338d
#508https://github.com/timb-machine/linux-malware/issues/508
https://imgur.com/a/4YxuSfVhttps://imgur.com/a/4YxuSfV
#79https://github.com/timb-machine/linux-malware/issues/79
https://www.intezer.com/blog/malware-analysis/new-linux-backdoor-redxor-likely-operated-by-chinese-nation-state-actor/https://www.intezer.com/blog/malware-analysis/new-linux-backdoor-redxor-likely-operated-by-chinese-nation-state-actor/
#325https://github.com/timb-machine/linux-malware/issues/325
https://cybersecurity.att.com/blogs/labs-research/shikitega-new-stealthy-malware-targeting-linuxhttps://cybersecurity.att.com/blogs/labs-research/shikitega-new-stealthy-malware-targeting-linux
#510https://github.com/timb-machine/linux-malware/issues/510
/malware/binaries/Shikitegahttps://github.com/timb-machine/linux-malware/tree/main/malware/binaries/Shikitega
https://twitter.com/IntezerLabs/status/1288487307369222145https://twitter.com/IntezerLabs/status/1288487307369222145
#331https://github.com/timb-machine/linux-malware/issues/331
https://ultimacybr.co.uk/2023-10-04-Sysrv/https://ultimacybr.co.uk/2023-10-04-Sysrv/
#767https://github.com/timb-machine/linux-malware/issues/767
https://www.stormshield.com/news/orbit-analysis-of-a-linux-dedicated-malware/https://www.stormshield.com/news/orbit-analysis-of-a-linux-dedicated-malware/
#601https://github.com/timb-machine/linux-malware/issues/601
/malware/binaries/OrBithttps://github.com/timb-machine/linux-malware/tree/main/malware/binaries/OrBit
https://blog.polyswarm.io/lightning-frameworkhttps://blog.polyswarm.io/lightning-framework
#506https://github.com/timb-machine/linux-malware/issues/506
/malware/binaries/Lightninghttps://github.com/timb-machine/linux-malware/tree/main/malware/binaries/Lightning
https://www.mandiant.com/resources/blog/vmware-esxi-zero-day-bypasshttps://www.mandiant.com/resources/blog/vmware-esxi-zero-day-bypass
#692https://github.com/timb-machine/linux-malware/issues/692
https://www.intezer.com/blog/malware-analysis/evilgnome-rare-malware-spying-on-linux-desktop-users/https://www.intezer.com/blog/malware-analysis/evilgnome-rare-malware-spying-on-linux-desktop-users/
#323https://github.com/timb-machine/linux-malware/issues/323
https://unit42.paloaltonetworks.com/ech0raix-ransomware-soho/https://unit42.paloaltonetworks.com/ech0raix-ransomware-soho/
#307https://github.com/timb-machine/linux-malware/issues/307
https://www.trendmicro.com/en_us/research/22/h/irontiger-compromises-chat-app-Mimi-targets-windows-mac-linux-users.htmlhttps://www.trendmicro.com/en_us/research/22/h/irontiger-compromises-chat-app-Mimi-targets-windows-mac-linux-users.html
#501https://github.com/timb-machine/linux-malware/issues/501
https://www.lacework.com/blog/sysrv-hello-expands-infrastructure/https://www.lacework.com/blog/sysrv-hello-expands-infrastructure/
#565https://github.com/timb-machine/linux-malware/issues/565
#566https://github.com/timb-machine/linux-malware/issues/566
https://www.uptycs.com/blog/threat-research-report-team/new-poc-exploit-backdoor-malwarehttps://www.uptycs.com/blog/threat-research-report-team/new-poc-exploit-backdoor-malware
#814https://github.com/timb-machine/linux-malware/issues/814
#710https://github.com/timb-machine/linux-malware/issues/710
#711https://github.com/timb-machine/linux-malware/issues/711
#724https://github.com/timb-machine/linux-malware/issues/724
https://www.cadosecurity.com/kiss-a-dog-discovered-utilizing-a-20-year-old-process-hider/https://www.cadosecurity.com/kiss-a-dog-discovered-utilizing-a-20-year-old-process-hider/
#770https://github.com/timb-machine/linux-malware/issues/770
https://blog.talosintelligence.com/2022/08/manjusaka-offensive-framework.htmlhttps://blog.talosintelligence.com/2022/08/manjusaka-offensive-framework.html
#490https://github.com/timb-machine/linux-malware/issues/490
https://imp0rtp3.wordpress.com/2021/11/25/sowat/https://imp0rtp3.wordpress.com/2021/11/25/sowat/
#400https://github.com/timb-machine/linux-malware/issues/400
#140https://github.com/timb-machine/linux-malware/issues/140
#131https://github.com/timb-machine/linux-malware/issues/131
https://imgur.com/a/vS7xVhttps://imgur.com/a/vS7xV
#75https://github.com/timb-machine/linux-malware/issues/75
https://www.microsoft.com/security/blog/2022/05/19/rise-in-xorddos-a-deeper-look-at-the-stealthy-ddos-malware-targeting-linux-devices/https://www.microsoft.com/security/blog/2022/05/19/rise-in-xorddos-a-deeper-look-at-the-stealthy-ddos-malware-targeting-linux-devices/
#439https://github.com/timb-machine/linux-malware/issues/439
#129https://github.com/timb-machine/linux-malware/issues/129
https://www.microsoft.com/security/blog/2021/07/22/when-coin-miners-evolve-part-1-exposing-lemonduck-and-lemoncat-modern-mining-malware-infrastructure/https://www.microsoft.com/security/blog/2021/07/22/when-coin-miners-evolve-part-1-exposing-lemonduck-and-lemoncat-modern-mining-malware-infrastructure/
#56https://github.com/timb-machine/linux-malware/issues/56
https://imgur.com/a/2zRCthttps://imgur.com/a/2zRCt
#318https://github.com/timb-machine/linux-malware/issues/318
https://blogs.blackberry.com/en/2021/12/reverse-engineering-ebpfkit-rootkit-with-blackberrys-free-ida-processor-toolhttps://blogs.blackberry.com/en/2021/12/reverse-engineering-ebpfkit-rootkit-with-blackberrys-free-ida-processor-tool
#405https://github.com/timb-machine/linux-malware/issues/405
https://twitter.com/ESETresearch/status/1454100591261667329?s=20https://twitter.com/ESETresearch/status/1454100591261667329?s=20
#390https://github.com/timb-machine/linux-malware/issues/390
https://www.sentinelone.com/labs/the-mystery-of-metador-an-unattributed-threat-hiding-in-telcos-isps-and-universities/https://www.sentinelone.com/labs/the-mystery-of-metador-an-unattributed-threat-hiding-in-telcos-isps-and-universities/
#526https://github.com/timb-machine/linux-malware/issues/526
https://blog.polyswarm.io/darkangels-linux-ransomwarehttps://blog.polyswarm.io/darkangels-linux-ransomware
#666https://github.com/timb-machine/linux-malware/issues/666
https://haxrob.net/fastcash-for-linux/https://haxrob.net/fastcash-for-linux/
#815https://github.com/timb-machine/linux-malware/issues/815
#407https://github.com/timb-machine/linux-malware/issues/407
#312https://github.com/timb-machine/linux-malware/issues/312
#135https://github.com/timb-machine/linux-malware/issues/135
https://cert.gov.ua/article/4501891https://cert.gov.ua/article/4501891
#651https://github.com/timb-machine/linux-malware/issues/651
https://twitter.com/ankit_anubhav/status/1490574137370103808https://twitter.com/ankit_anubhav/status/1490574137370103808
#483https://github.com/timb-machine/linux-malware/issues/483
#482https://github.com/timb-machine/linux-malware/issues/482
https://www.trendmicro.com/en_us/research/23/e/investigating-blacksuit-ransomwares-similarities-to-royal.htmlhttps://www.trendmicro.com/en_us/research/23/e/investigating-blacksuit-ransomwares-similarities-to-royal.html
#698https://github.com/timb-machine/linux-malware/issues/698
https://blog.malwaremustdie.org/2020/01/mmd-0065-2020-linuxmirai-fbot.htmlhttps://blog.malwaremustdie.org/2020/01/mmd-0065-2020-linuxmirai-fbot.html
#58https://github.com/timb-machine/linux-malware/issues/58
https://vms.drweb.com/virus/?i=21004786https://vms.drweb.com/virus/?i=21004786
#433https://github.com/timb-machine/linux-malware/issues/433
https://www.welivesecurity.com/2018/12/05/dark-side-of-the-forsshe/kessel-dns-exfiltration-2/https://www.welivesecurity.com/2018/12/05/dark-side-of-the-forsshe/kessel-dns-exfiltration-2/
#372https://github.com/timb-machine/linux-malware/issues/372
https://www.securonix.com/blog/detecting-the-enemybot-botnet-advisory/https://www.securonix.com/blog/detecting-the-enemybot-botnet-advisory/
#444https://github.com/timb-machine/linux-malware/issues/444
https://www.intezer.com/blog/research/new-golang-worm-drops-xmrig-miner-on-servers/https://www.intezer.com/blog/research/new-golang-worm-drops-xmrig-miner-on-servers/
#566https://github.com/timb-machine/linux-malware/issues/566
https://blog.trendmicro.com/trendlabs-security-intelligence/exposed-docker-control-api-and-community-image-abused-to-deliver-cryptocurrency-mining-malware/https://blog.trendmicro.com/trendlabs-security-intelligence/exposed-docker-control-api-and-community-image-abused-to-deliver-cryptocurrency-mining-malware/
#344https://github.com/timb-machine/linux-malware/issues/344
https://twitter.com/malwaremustd1e/status/1264417940742389762https://twitter.com/malwaremustd1e/status/1264417940742389762
#316https://github.com/timb-machine/linux-malware/issues/316
https://www.pangulab.cn/files/The_Bvp47_a_top-tier_backdoor_of_us_nsa_equation_group.en.pdfhttps://www.pangulab.cn/files/The_Bvp47_a_top-tier_backdoor_of_us_nsa_equation_group.en.pdf
#99https://github.com/timb-machine/linux-malware/issues/99
https://csirt.egi.eu/attacks-on-multiple-hpc-sites/https://csirt.egi.eu/attacks-on-multiple-hpc-sites/
#376https://github.com/timb-machine/linux-malware/issues/376
https://old.reddit.com/r/LinuxMalware/comments/fh3zar/memo_rhombus_an_elf_bot_installerdropper/https://old.reddit.com/r/LinuxMalware/comments/fh3zar/memo_rhombus_an_elf_bot_installerdropper/
#360https://github.com/timb-machine/linux-malware/issues/360
https://blog.lumen.com/routers-from-the-underground-exposing-avrecon/https://blog.lumen.com/routers-from-the-underground-exposing-avrecon/
#716https://github.com/timb-machine/linux-malware/issues/716
#717https://github.com/timb-machine/linux-malware/issues/717
https://blog.aquasec.com/threat-alert-anatomy-of-silentbobs-cloud-attackhttps://blog.aquasec.com/threat-alert-anatomy-of-silentbobs-cloud-attack
#715https://github.com/timb-machine/linux-malware/issues/715
https://blog.malwaremustdie.org/2019/09/mmd-0064-2019-linuxairdropbot.htmlhttps://blog.malwaremustdie.org/2019/09/mmd-0064-2019-linuxairdropbot.html
#366https://github.com/timb-machine/linux-malware/issues/366
https://securelist.com/the-penquin-turla-2/67962/https://securelist.com/the-penquin-turla-2/67962/
#593https://github.com/timb-machine/linux-malware/issues/593
https://www.signalblur.io/through-the-looking-glasshttps://www.signalblur.io/through-the-looking-glass
#756https://github.com/timb-machine/linux-malware/issues/756
https://unit42.paloaltonetworks.com/gobruteforcer-golang-botnet/https://unit42.paloaltonetworks.com/gobruteforcer-golang-botnet/
#636https://github.com/timb-machine/linux-malware/issues/636
https://github.com/akamai/akamai-security-research/tree/main/malware/panchanhttps://github.com/akamai/akamai-security-research/tree/main/malware/panchan
#477https://github.com/timb-machine/linux-malware/issues/477
/malware/binaries/pan-chanhttps://github.com/timb-machine/linux-malware/tree/main/malware/binaries/pan-chan
https://www.cisa.gov/news-events/alerts/2023/07/28/cisa-releases-malware-analysis-reports-barracuda-backdoorshttps://www.cisa.gov/news-events/alerts/2023/07/28/cisa-releases-malware-analysis-reports-barracuda-backdoors
#729https://github.com/timb-machine/linux-malware/issues/729
#730https://github.com/timb-machine/linux-malware/issues/730
#731https://github.com/timb-machine/linux-malware/issues/731
https://www.welivesecurity.com/2021/10/07/fontonlake-previously-unknown-malware-family-targeting-linux/https://www.welivesecurity.com/2021/10/07/fontonlake-previously-unknown-malware-family-targeting-linux/
#381https://github.com/timb-machine/linux-malware/issues/381
https://netadr.github.io/blog/a-quick-glimpse-sbz/https://netadr.github.io/blog/a-quick-glimpse-sbz/
#596https://github.com/timb-machine/linux-malware/issues/596
https://twitter.com/ESETresearch/status/1410864752948043778https://twitter.com/ESETresearch/status/1410864752948043778
#104https://github.com/timb-machine/linux-malware/issues/104
https://www.welivesecurity.com/2014/02/21/an-in-depth-analysis-of-linuxebury/https://www.welivesecurity.com/2014/02/21/an-in-depth-analysis-of-linuxebury/
#371https://github.com/timb-machine/linux-malware/issues/371
https://www.leonardocompany.com/documents/20142/10868623/Malware+Technical+Insight+_Turla+%E2%80%9CPenquin_x64%E2%80%9D.pdfhttps://www.leonardocompany.com/documents/20142/10868623/Malware+Technical+Insight+_Turla+%E2%80%9CPenquin_x64%E2%80%9D.pdf
#338https://github.com/timb-machine/linux-malware/issues/338
https://www.intezer.com/blog/research/a-storm-is-brewing-ipstorm-now-has-linux-malware/https://www.intezer.com/blog/research/a-storm-is-brewing-ipstorm-now-has-linux-malware/
#299https://github.com/timb-machine/linux-malware/issues/299
/malware/binaries/Unix.Trojan.Ipstormhttps://github.com/timb-machine/linux-malware/tree/main/malware/binaries/Unix.Trojan.Ipstorm
https://cybersecurity.att.com/blogs/labs-research/botenago-strike-again-malware-source-code-uploaded-to-githubhttps://cybersecurity.att.com/blogs/labs-research/botenago-strike-again-malware-source-code-uploaded-to-github
#97https://github.com/timb-machine/linux-malware/issues/97
https://www.cadosecurity.com/updates-to-legion-a-cloud-credential-harvester-and-smtp-hijacker/https://www.cadosecurity.com/updates-to-legion-a-cloud-credential-harvester-and-smtp-hijacker/
#678https://github.com/timb-machine/linux-malware/issues/678
https://cybersecurity.att.com/blogs/labs-research/revils-new-linux-versionhttps://cybersecurity.att.com/blogs/labs-research/revils-new-linux-version
#309https://github.com/timb-machine/linux-malware/issues/309
https://www.bitdefender.com/files/News/CaseStudies/study/319/Bitdefender-PR-Whitepaper-DarkNexus-creat4349-en-EN-interactive.pdfhttps://www.bitdefender.com/files/News/CaseStudies/study/319/Bitdefender-PR-Whitepaper-DarkNexus-creat4349-en-EN-interactive.pdf
#518https://github.com/timb-machine/linux-malware/issues/518
https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/honeypot-recon-new-variant-of-skidmap-targeting-redis/https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/honeypot-recon-new-variant-of-skidmap-targeting-redis/
#750https://github.com/timb-machine/linux-malware/issues/750
https://www.mandiant.com/resources/unc2891-overviewhttps://www.mandiant.com/resources/unc2891-overview
#112https://github.com/timb-machine/linux-malware/issues/112
#134https://github.com/timb-machine/linux-malware/issues/134
#154https://github.com/timb-machine/linux-malware/issues/154
https://int0x33.medium.com/day-27-tiny-shell-48df6abb0d5dhttps://int0x33.medium.com/day-27-tiny-shell-48df6abb0d5d
#616https://github.com/timb-machine/linux-malware/issues/616
#481https://github.com/timb-machine/linux-malware/issues/481
https://www.gosecure.net/blog/2018/02/14/chaos-a-stolen-backdoor-rising/https://www.gosecure.net/blog/2018/02/14/chaos-a-stolen-backdoor-rising/
#395https://github.com/timb-machine/linux-malware/issues/395
/malware/binaries/Chaoshttps://github.com/timb-machine/linux-malware/tree/main/malware/binaries/Chaos
https://www.welivesecurity.com/2016/12/20/new-linuxrakos-threat-devices-servers-ssh-scan/https://www.welivesecurity.com/2016/12/20/new-linuxrakos-threat-devices-servers-ssh-scan/
#348https://github.com/timb-machine/linux-malware/issues/348
https://sysdig.com/blog/muhstik-malware-botnet-analysis/https://sysdig.com/blog/muhstik-malware-botnet-analysis/
#90https://github.com/timb-machine/linux-malware/issues/90
https://www.intezer.com/blog/malware-analysis/linux-rekoobe-operating-with-new-undetected-malware-samples/https://www.intezer.com/blog/malware-analysis/linux-rekoobe-operating-with-new-undetected-malware-samples/
#479https://github.com/timb-machine/linux-malware/issues/479
https://old.reddit.com/r/LinuxMalware/comments/f26amt/new_systemten_botnet_miner_threat_now_wother/https://old.reddit.com/r/LinuxMalware/comments/f26amt/new_systemten_botnet_miner_threat_now_wother/
#357https://github.com/timb-machine/linux-malware/issues/357
https://www.akamai.com/blog/security-research/hinatabot-uncovering-new-golang-ddos-botnethttps://www.akamai.com/blog/security-research/hinatabot-uncovering-new-golang-ddos-botnet
#623https://github.com/timb-machine/linux-malware/issues/623
https://yoroi.company/research/shadows-from-the-past-threaten-italian-enterprises/https://yoroi.company/research/shadows-from-the-past-threaten-italian-enterprises/
#65https://github.com/timb-machine/linux-malware/issues/65
#134https://github.com/timb-machine/linux-malware/issues/134
https://sansec.io/research/cronrathttps://sansec.io/research/cronrat
#399https://github.com/timb-machine/linux-malware/issues/399
https://www.sandflysecurity.com/blog/bpfdoor-an-evasive-linux-backdoor-technical-analysis/https://www.sandflysecurity.com/blog/bpfdoor-an-evasive-linux-backdoor-technical-analysis/
#434https://github.com/timb-machine/linux-malware/issues/434
#420https://github.com/timb-machine/linux-malware/issues/420
#418https://github.com/timb-machine/linux-malware/issues/418
https://raw.githubusercontent.com/bg6cq/ITTS/master/security/mine/README.mdhttps://raw.githubusercontent.com/bg6cq/ITTS/master/security/mine/README.md
#352https://github.com/timb-machine/linux-malware/issues/352
http://it.rising.com.cn/fanglesuo/19851.htmlhttp://it.rising.com.cn/fanglesuo/19851.html
#96https://github.com/timb-machine/linux-malware/issues/96
https://www.wiz.io/blog/pyloose-first-python-based-fileless-attack-on-cloud-workloadshttps://www.wiz.io/blog/pyloose-first-python-based-fileless-attack-on-cloud-workloads
#723https://github.com/timb-machine/linux-malware/issues/723
https://asec.ahnlab.com/en/54647/https://asec.ahnlab.com/en/54647/
#707https://github.com/timb-machine/linux-malware/issues/707
#154https://github.com/timb-machine/linux-malware/issues/154
#706https://github.com/timb-machine/linux-malware/issues/706
https://imgur.com/a/a6RaZMPhttps://imgur.com/a/a6RaZMP
#87https://github.com/timb-machine/linux-malware/issues/87
https://blogs.jpcert.or.jp/en/2020/11/elf-plead.htmlhttps://blogs.jpcert.or.jp/en/2020/11/elf-plead.html
#336https://github.com/timb-machine/linux-malware/issues/336
https://www.bitdefender.com/files/News/CaseStudies/study/376/Bitdefender-Whitepaper-IPStorm.pdfhttps://www.bitdefender.com/files/News/CaseStudies/study/376/Bitdefender-Whitepaper-IPStorm.pdf
#493https://github.com/timb-machine/linux-malware/issues/493
/malware/binaries/Unix.Trojan.Ipstormhttps://github.com/timb-machine/linux-malware/tree/main/malware/binaries/Unix.Trojan.Ipstorm
https://blogs.juniper.net/en-us/threat-research/linux-servers-hijacked-to-implant-ssh-backdoorhttps://blogs.juniper.net/en-us/threat-research/linux-servers-hijacked-to-implant-ssh-backdoor
#547https://github.com/timb-machine/linux-malware/issues/547
https://blog.qualys.com/vulnerabilities-threat-research/2023/05/17/new-strain-of-sotdas-malware-discoveredhttps://blog.qualys.com/vulnerabilities-threat-research/2023/05/17/new-strain-of-sotdas-malware-discovered
#693https://github.com/timb-machine/linux-malware/issues/693
https://blog.talosintelligence.com/lazarus-collectionrat/https://blog.talosintelligence.com/lazarus-collectionrat/
#752https://github.com/timb-machine/linux-malware/issues/752
#751https://github.com/timb-machine/linux-malware/issues/751
https://securelist.com/a-bad-luck-blackcat/106254/?_sp=3b4159db-9e20-4bfa-a47f-f8671b594d75.1649770307513https://securelist.com/a-bad-luck-blackcat/106254/?_sp=3b4159db-9e20-4bfa-a47f-f8671b594d75.1649770307513
#118https://github.com/timb-machine/linux-malware/issues/118
#512https://github.com/timb-machine/linux-malware/issues/512
https://imgur.com/a/53f29O9https://imgur.com/a/53f29O9
#61https://github.com/timb-machine/linux-malware/issues/61
https://gist.github.com/unixfreaxjp/7b8bd6be614f7a051fc9a9da760d3138https://gist.github.com/unixfreaxjp/7b8bd6be614f7a051fc9a9da760d3138
#362https://github.com/timb-machine/linux-malware/issues/362
https://www.uptycs.com/blog/mirai-code-re-use-in-gafgythttps://www.uptycs.com/blog/mirai-code-re-use-in-gafgyt
#320https://github.com/timb-machine/linux-malware/issues/320
https://www.cyberark.com/resources/threat-research-blog/kinsing-the-malware-with-two-faceshttps://www.cyberark.com/resources/threat-research-blog/kinsing-the-malware-with-two-faces
#115https://github.com/timb-machine/linux-malware/issues/115
https://twitter.com/malwrhunterteam/status/1422972905541996546https://twitter.com/malwrhunterteam/status/1422972905541996546
#374https://github.com/timb-machine/linux-malware/issues/374
https://blog.netlab.360.com/ghost-in-action-the-specter-botnet/https://blog.netlab.360.com/ghost-in-action-the-specter-botnet/
#105https://github.com/timb-machine/linux-malware/issues/105
https://www.fireeye.com/blog/threat-research/2021/05/shining-a-light-on-darkside-ransomware-operations.htmlhttps://www.fireeye.com/blog/threat-research/2021/05/shining-a-light-on-darkside-ransomware-operations.html
#321https://github.com/timb-machine/linux-malware/issues/321
https://www.prodaft.com/resource/detail/conti-ransomware-group-depth-analysishttps://www.prodaft.com/resource/detail/conti-ransomware-group-depth-analysis
#393https://github.com/timb-machine/linux-malware/issues/393
https://www.cisa.gov/news-events/analysis-reports/ar23-209ahttps://www.cisa.gov/news-events/analysis-reports/ar23-209a
#731https://github.com/timb-machine/linux-malware/issues/731
#729https://github.com/timb-machine/linux-malware/issues/729
https://www.ncsc.gov.uk/files/Cyclops-Blink-Malware-Analysis-Report.pdfhttps://www.ncsc.gov.uk/files/Cyclops-Blink-Malware-Analysis-Report.pdf
#100https://github.com/timb-machine/linux-malware/issues/100
https://elastic.github.io/security-research/intelligence/2022/05/04.bpfdoor/article/https://elastic.github.io/security-research/intelligence/2022/05/04.bpfdoor/article/
#432https://github.com/timb-machine/linux-malware/issues/432
#420https://github.com/timb-machine/linux-malware/issues/420
#418https://github.com/timb-machine/linux-malware/issues/418
https://www.welivesecurity.com/2023/04/20/linux-malware-strengthens-links-lazarus-3cx-supply-chain-attack/https://www.welivesecurity.com/2023/04/20/linux-malware-strengthens-links-lazarus-3cx-supply-chain-attack/
#655https://github.com/timb-machine/linux-malware/issues/655
https://cujo.com/the-sysrv-botnet-and-how-it-evolved/https://cujo.com/the-sysrv-botnet-and-how-it-evolved/
#640https://github.com/timb-machine/linux-malware/issues/640
https://yoroi.company/research/opening-steelcorgi-a-sophisticated-apt-swiss-army-knife/https://yoroi.company/research/opening-steelcorgi-a-sophisticated-apt-swiss-army-knife/
#64https://github.com/timb-machine/linux-malware/issues/64
#134https://github.com/timb-machine/linux-malware/issues/134
https://blog.reversinglabs.com/blog/gwisinlocker-ransomware-targets-south-korean-industrial-and-pharmaceutical-companieshttps://blog.reversinglabs.com/blog/gwisinlocker-ransomware-targets-south-korean-industrial-and-pharmaceutical-companies
#496https://github.com/timb-machine/linux-malware/issues/496
https://unit42.paloaltonetworks.com/mirai-variant-targets-iot-exploits/https://unit42.paloaltonetworks.com/mirai-variant-targets-iot-exploits/
#714https://github.com/timb-machine/linux-malware/issues/714
https://www.mandiant.com/resources/blog/messagetap-who-is-reading-your-text-messageshttps://www.mandiant.com/resources/blog/messagetap-who-is-reading-your-text-messages
#542https://github.com/timb-machine/linux-malware/issues/542
/malware/binaries/MESSAGETAPhttps://github.com/timb-machine/linux-malware/tree/main/malware/binaries/MESSAGETAP
https://www.crowdstrike.com/blog/lemonduck-botnet-targets-docker-for-cryptomining-operations/https://www.crowdstrike.com/blog/lemonduck-botnet-targets-docker-for-cryptomining-operations/
#410https://github.com/timb-machine/linux-malware/issues/410
https://sysdig.com/blog/ssh-snake/https://sysdig.com/blog/ssh-snake/
#801https://github.com/timb-machine/linux-malware/issues/801
#791https://github.com/timb-machine/linux-malware/issues/791
https://sansec.io/research/nginrathttps://sansec.io/research/nginrat
#94https://github.com/timb-machine/linux-malware/issues/94
https://www.trendmicro.com/en_us/research/21/j/actors-target-huawei-cloud-using-upgraded-linux-malware-.htmlhttps://www.trendmicro.com/en_us/research/21/j/actors-target-huawei-cloud-using-upgraded-linux-malware-.html
#383https://github.com/timb-machine/linux-malware/issues/383
https://unit42.paloaltonetworks.com/alloy-taurus/https://unit42.paloaltonetworks.com/alloy-taurus/
#646https://github.com/timb-machine/linux-malware/issues/646
https://www.welivesecurity.com/wp-content/uploads/2021/01/ESET_Kobalos.pdfhttps://www.welivesecurity.com/wp-content/uploads/2021/01/ESET_Kobalos.pdf
#370https://github.com/timb-machine/linux-malware/issues/370
https://securelist.com/ransomexx-trojan-attacks-linux-systems/99279/https://securelist.com/ransomexx-trojan-attacks-linux-systems/99279/
#298https://github.com/timb-machine/linux-malware/issues/298
https://www.fortinet.com/blog/threat-research/rapperbot-malware-discoveryhttps://www.fortinet.com/blog/threat-research/rapperbot-malware-discovery
#488https://github.com/timb-machine/linux-malware/issues/488
/malware/binaries/RapperBothttps://github.com/timb-machine/linux-malware/tree/main/malware/binaries/RapperBot
https://www.intezer.com/blog/malware-analysis/habitsrat-used-to-target-linux-and-windows-servers/https://www.intezer.com/blog/malware-analysis/habitsrat-used-to-target-linux-and-windows-servers/
#114https://github.com/timb-machine/linux-malware/issues/114
https://www.fortinet.com/blog/threat-research/deep-dive-into-a-linux-rootkit-malwarehttps://www.fortinet.com/blog/threat-research/deep-dive-into-a-linux-rootkit-malware
#821https://github.com/timb-machine/linux-malware/issues/821
https://www.cert.ssi.gouv.fr/ioc/CERTFR-2021-IOC-003/https://www.cert.ssi.gouv.fr/ioc/CERTFR-2021-IOC-003/
#329https://github.com/timb-machine/linux-malware/issues/329
https://decoded.avast.io/davidalvarez/linux-threat-hunting-syslogk-a-kernel-rootkit-found-under-development-in-the-wild/https://decoded.avast.io/davidalvarez/linux-threat-hunting-syslogk-a-kernel-rootkit-found-under-development-in-the-wild/
#459https://github.com/timb-machine/linux-malware/issues/459
https://twitter.com/malwaremustd1e/status/1235595880041873408https://twitter.com/malwaremustd1e/status/1235595880041873408
#358https://github.com/timb-machine/linux-malware/issues/358
https://twitter.com/CraigHRowland/status/1422267857988063232https://twitter.com/CraigHRowland/status/1422267857988063232
#354https://github.com/timb-machine/linux-malware/issues/354
https://id-ransomware.blogspot.com/2021/11/polaris-ransomware.htmlhttps://id-ransomware.blogspot.com/2021/11/polaris-ransomware.html
#398https://github.com/timb-machine/linux-malware/issues/398
https://twitter.com/malwaremustd1e/status/1251758225919115264https://twitter.com/malwaremustd1e/status/1251758225919115264
#361https://github.com/timb-machine/linux-malware/issues/361
https://blogs.jpcert.or.jp/en/2023/05/gobrat.htmlhttps://blogs.jpcert.or.jp/en/2023/05/gobrat.html
#682https://github.com/timb-machine/linux-malware/issues/682
https://twitter.com/IntezerLabs/status/1272915284148531200https://twitter.com/IntezerLabs/status/1272915284148531200
#341https://github.com/timb-machine/linux-malware/issues/341
https://twitter.com/ESETresearch/status/1382054011264700416https://twitter.com/ESETresearch/status/1382054011264700416
#335https://github.com/timb-machine/linux-malware/issues/335
https://twitter.com/CraigHRowland/status/1628883826738077696/photo/1https://twitter.com/CraigHRowland/status/1628883826738077696/photo/1
#612https://github.com/timb-machine/linux-malware/issues/612
https://asec.ahnlab.com/en/55785/https://asec.ahnlab.com/en/55785/
#733https://github.com/timb-machine/linux-malware/issues/733
https://mp-weixin-qq-com.translate.goog/s/pd6fUs5TLdBtwUHauclDOQ?_x_tr_sl=auto&_x_tr_tl=en&_x_tr_hl=en&_x_tr_pto=wapphttps://mp-weixin-qq-com.translate.goog/s/pd6fUs5TLdBtwUHauclDOQ?_x_tr_sl=auto&_x_tr_tl=en&_x_tr_hl=en&_x_tr_pto=wapp
#588https://github.com/timb-machine/linux-malware/issues/588
https://asec.ahnlab.com/en/51908/https://asec.ahnlab.com/en/51908/
#650https://github.com/timb-machine/linux-malware/issues/650
#550https://github.com/timb-machine/linux-malware/issues/550
https://lab52.io/blog/looking-for-penquins-in-the-wild/https://lab52.io/blog/looking-for-penquins-in-the-wild/
#594https://github.com/timb-machine/linux-malware/issues/594
https://daniele.bearblog.dev/cve-2023-35829-fake-poc-en/https://daniele.bearblog.dev/cve-2023-35829-fake-poc-en/
#724https://github.com/timb-machine/linux-malware/issues/724
#710https://github.com/timb-machine/linux-malware/issues/710
#711https://github.com/timb-machine/linux-malware/issues/711
#814https://github.com/timb-machine/linux-malware/issues/814
https://www.fortinet.com/blog/threat-research/gotrim-go-based-botnet-actively-brute-forces-wordpress-websiteshttps://www.fortinet.com/blog/threat-research/gotrim-go-based-botnet-actively-brute-forces-wordpress-websites
#598https://github.com/timb-machine/linux-malware/issues/598
https://cybersecurity.att.com/blogs/labs-research/prism-attacks-fly-under-the-radarhttps://cybersecurity.att.com/blogs/labs-research/prism-attacks-fly-under-the-radar
#375https://github.com/timb-machine/linux-malware/issues/375
https://asec.ahnlab.com/en/50316/https://asec.ahnlab.com/en/50316/
#621https://github.com/timb-machine/linux-malware/issues/621
https://www.akamai.com/blog/security/new-p2p-botnet-panchanhttps://www.akamai.com/blog/security/new-p2p-botnet-panchan
#476https://github.com/timb-machine/linux-malware/issues/476
#477https://github.com/timb-machine/linux-malware/issues/477
https://old.reddit.com/r/LinuxMalware/comments/gdte0m/linuxkaiji/https://old.reddit.com/r/LinuxMalware/comments/gdte0m/linuxkaiji/
#340https://github.com/timb-machine/linux-malware/issues/340
https://cujo.com/iot-malware-journals-prometei-linux/https://cujo.com/iot-malware-journals-prometei-linux/
#300https://github.com/timb-machine/linux-malware/issues/300
https://vblocalhost.com/conference/presentations/shades-of-red-redxor-linux-backdoor-and-its-chinese-origins/https://vblocalhost.com/conference/presentations/shades-of-red-redxor-linux-backdoor-and-its-chinese-origins/
#408https://github.com/timb-machine/linux-malware/issues/408
https://www.microsoft.com/en-us/security/blog/2023/06/22/iot-devices-and-linux-based-systems-targeted-by-openssh-trojan-campaign/https://www.microsoft.com/en-us/security/blog/2023/06/22/iot-devices-and-linux-based-systems-targeted-by-openssh-trojan-campaign/
#700https://github.com/timb-machine/linux-malware/issues/700
#171https://github.com/timb-machine/linux-malware/issues/171
#217https://github.com/timb-machine/linux-malware/issues/217
#701https://github.com/timb-machine/linux-malware/issues/701
https://vulncheck.com/blog/fake-repos-deliver-malicious-implanthttps://vulncheck.com/blog/fake-repos-deliver-malicious-implant
#686https://github.com/timb-machine/linux-malware/issues/686
https://www.cadosecurity.com/post/team-tnt-the-first-crypto-mining-worm-to-steal-aws-credentialshttps://www.cadosecurity.com/post/team-tnt-the-first-crypto-mining-worm-to-steal-aws-credentials
#50https://github.com/timb-machine/linux-malware/issues/50
https://www.trendmicro.com/en_gb/research/19/f/cryptocurrency-mining-botnet-arrives-through-adb-and-spreads-through-ssh.htmlhttps://www.trendmicro.com/en_gb/research/19/f/cryptocurrency-mining-botnet-arrives-through-adb-and-spreads-through-ssh.html
#55https://github.com/timb-machine/linux-malware/issues/55
https://www.kroll.com/en/insights/publications/cyber/inside-the-systembc-malware-serverhttps://www.kroll.com/en/insights/publications/cyber/inside-the-systembc-malware-server
#784https://github.com/timb-machine/linux-malware/issues/784
https://imgur.com/a/LpTN7https://imgur.com/a/LpTN7
#85https://github.com/timb-machine/linux-malware/issues/85
https://threatfabric.com/blogs/vultur-v-for-vnc.htmlhttps://threatfabric.com/blogs/vultur-v-for-vnc.html
#379https://github.com/timb-machine/linux-malware/issues/379
https://blog.netlab.360.com/gafgtyt_tor-and-necro-are-on-the-move-again/https://blog.netlab.360.com/gafgtyt_tor-and-necro-are-on-the-move-again/
#314https://github.com/timb-machine/linux-malware/issues/314
https://www.reversinglabs.com/blog/gwisinlocker-ransomware-targets-south-korean-industrial-and-pharmaceutical-companieshttps://www.reversinglabs.com/blog/gwisinlocker-ransomware-targets-south-korean-industrial-and-pharmaceutical-companies
#758https://github.com/timb-machine/linux-malware/issues/758
https://cybersec84.wordpress.com/2023/08/15/monti-ransomware-operators-resurface-with-new-linux-variant-improved-evasion-tactics/https://cybersec84.wordpress.com/2023/08/15/monti-ransomware-operators-resurface-with-new-linux-variant-improved-evasion-tactics/
#753https://github.com/timb-machine/linux-malware/issues/753
https://www.fireeye.com/blog/threat-research/2020/01/vigilante-deploying-mitigation-for-citrix-netscaler-vulnerability-while-maintaining-backdoor.htmlhttps://www.fireeye.com/blog/threat-research/2020/01/vigilante-deploying-mitigation-for-citrix-netscaler-vulnerability-while-maintaining-backdoor.html
#332https://github.com/timb-machine/linux-malware/issues/332
https://blog.netlab.360.com/qnap-nas-users-make-sure-you-check-your-system/https://blog.netlab.360.com/qnap-nas-users-make-sure-you-check-your-system/
#306https://github.com/timb-machine/linux-malware/issues/306
https://www.crowdstrike.com/blog/an-analysis-of-lightbasin-telecommunications-attackshttps://www.crowdstrike.com/blog/an-analysis-of-lightbasin-telecommunications-attacks
#8https://github.com/timb-machine/linux-malware/issues/8
#134https://github.com/timb-machine/linux-malware/issues/134
https://blog.aquasec.com/threat-alert-kinsing-malware-container-vulnerabilityhttps://blog.aquasec.com/threat-alert-kinsing-malware-container-vulnerability
#337https://github.com/timb-machine/linux-malware/issues/337
https://imgur.com/a/Ak9zICqhttps://imgur.com/a/Ak9zICq
#367https://github.com/timb-machine/linux-malware/issues/367
https://www.crowdstrike.com/blog/prophet-spider-exploits-oracle-weblogic-to-facilitate-ransomware-activity/https://www.crowdstrike.com/blog/prophet-spider-exploits-oracle-weblogic-to-facilitate-ransomware-activity/
#373https://github.com/timb-machine/linux-malware/issues/373
https://twitter.com/IntezerLabs/status/1326880812344676352https://twitter.com/IntezerLabs/status/1326880812344676352
#330https://github.com/timb-machine/linux-malware/issues/330
https://www.trendmicro.com/en_gb/research/21/f/bash-ransomware-darkradiation-targets-red-hat--and-debian-based-linux-distributions.htmlhttps://www.trendmicro.com/en_gb/research/21/f/bash-ransomware-darkradiation-targets-red-hat--and-debian-based-linux-distributions.html
#304https://github.com/timb-machine/linux-malware/issues/304
https://www.welivesecurity.com/2022/09/14/you-never-walk-alone-sidewalk-backdoor-linux-variant/https://www.welivesecurity.com/2022/09/14/you-never-walk-alone-sidewalk-backdoor-linux-variant/
#516https://github.com/timb-machine/linux-malware/issues/516
https://www.welivesecurity.com/2013/05/07/linuxcdorked-malware-lighttpd-and-nginx-web-servers-also-affected/https://www.welivesecurity.com/2013/05/07/linuxcdorked-malware-lighttpd-and-nginx-web-servers-also-affected/
#513https://github.com/timb-machine/linux-malware/issues/513
https://permiso.io/blog/s/legion-mass-spam-attacks-in-aws/https://permiso.io/blog/s/legion-mass-spam-attacks-in-aws/
#681https://github.com/timb-machine/linux-malware/issues/681
https://twitter.com/malwrhunterteam/status/1415403132230803460https://twitter.com/malwrhunterteam/status/1415403132230803460
#310https://github.com/timb-machine/linux-malware/issues/310
https://www.mitiga.io/blog/mitiga-security-advisory-abusing-the-ssm-agent-as-a-remote-access-trojanhttps://www.mitiga.io/blog/mitiga-security-advisory-abusing-the-ssm-agent-as-a-remote-access-trojan
#732https://github.com/timb-machine/linux-malware/issues/732
https://twitter.com/IntezerLabs/status/1338480158249013250https://twitter.com/IntezerLabs/status/1338480158249013250
#301https://github.com/timb-machine/linux-malware/issues/301
https://tolisec.com/ssh-backdoor-botnet-with-research-infection-technique/https://tolisec.com/ssh-backdoor-botnet-with-research-infection-technique/
#92https://github.com/timb-machine/linux-malware/issues/92
http://www.welivesecurity.com/wp-content/uploads/2015/05/Dissecting-LinuxMoose.pdfhttp://www.welivesecurity.com/wp-content/uploads/2015/05/Dissecting-LinuxMoose.pdf
#349https://github.com/timb-machine/linux-malware/issues/349
https://www.intezer.com/blog/research/kaiji-new-chinese-linux-malware-turning-to-golang/https://www.intezer.com/blog/research/kaiji-new-chinese-linux-malware-turning-to-golang/
#339https://github.com/timb-machine/linux-malware/issues/339
https://www.trendmicro.com/en_us/research/23/g/detecting-bpfdoor-backdoor-variants-abusing-bpf-filters.htmlhttps://www.trendmicro.com/en_us/research/23/g/detecting-bpfdoor-backdoor-variants-abusing-bpf-filters.html
#725https://github.com/timb-machine/linux-malware/issues/725
/malware/binaries/BPFDoorhttps://github.com/timb-machine/linux-malware/tree/main/malware/binaries/BPFDoor
https://imgur.com/a/DWKK5https://imgur.com/a/DWKK5
#84https://github.com/timb-machine/linux-malware/issues/84
https://darrenmartyn.ie/2021/11/29/analysis-of-the-lib__mdma-so-1-userland-rootkit/https://darrenmartyn.ie/2021/11/29/analysis-of-the-lib__mdma-so-1-userland-rootkit/
#401https://github.com/timb-machine/linux-malware/issues/401
#530https://github.com/timb-machine/linux-malware/issues/530
https://honeynet.onofri.org/scans/scan13/som/som5.txthttps://honeynet.onofri.org/scans/scan13/som/som5.txt
#389https://github.com/timb-machine/linux-malware/issues/389
https://www.virusbulletin.com/virusbulletin/2014/07/mayhem-hidden-threat-nix-web-servershttps://www.virusbulletin.com/virusbulletin/2014/07/mayhem-hidden-threat-nix-web-servers
#382https://github.com/timb-machine/linux-malware/issues/382
https://www.binarydefense.com/resources/blog/shining-a-light-in-the-dark-how-binary-defense-uncovered-an-apt-lurking-in-shadows-of-it/https://www.binarydefense.com/resources/blog/shining-a-light-in-the-dark-how-binary-defense-uncovered-an-apt-lurking-in-shadows-of-it/
#809https://github.com/timb-machine/linux-malware/issues/809
https://imgur.com/a/57uOiTuhttps://imgur.com/a/57uOiTu
#80https://github.com/timb-machine/linux-malware/issues/80
https://stairwell.com/news/chamelgang-and-chameldoh-a-dns-over-https-implant/https://stairwell.com/news/chamelgang-and-chameldoh-a-dns-over-https-implant/
#690https://github.com/timb-machine/linux-malware/issues/690
https://research.checkpoint.com/2021/freakout-leveraging-newest-vulnerabilities-for-creating-a-botnet/https://research.checkpoint.com/2021/freakout-leveraging-newest-vulnerabilities-for-creating-a-botnet/
#297https://github.com/timb-machine/linux-malware/issues/297
https://www.trendmicro.com/en_us/research/23/i/earth-lusca-employs-new-linux-backdoor.htmlhttps://www.trendmicro.com/en_us/research/23/i/earth-lusca-employs-new-linux-backdoor.html
#789https://github.com/timb-machine/linux-malware/issues/789
#170https://github.com/timb-machine/linux-malware/issues/170
https://twitter.com/sethkinghi/status/1397814848549900288https://twitter.com/sethkinghi/status/1397814848549900288
#717https://github.com/timb-machine/linux-malware/issues/717
https://blog.netlab.360.com/a-new-mining-botnet-blends-its-c2s-into-ngrok-service/https://blog.netlab.360.com/a-new-mining-botnet-blends-its-c2s-into-ngrok-service/
#343https://github.com/timb-machine/linux-malware/issues/343
https://twitter.com/billyleonard/status/1458531997576572929https://twitter.com/billyleonard/status/1458531997576572929
#480https://github.com/timb-machine/linux-malware/issues/480
#481https://github.com/timb-machine/linux-malware/issues/481
https://www.welivesecurity.com/2015/04/29/unboxing-linuxmumblehard-muttering-spam-servers/https://www.welivesecurity.com/2015/04/29/unboxing-linuxmumblehard-muttering-spam-servers/
#68https://github.com/timb-machine/linux-malware/issues/68
https://old.reddit.com/r/LinuxMalware/comments/a66dsz/ddostf_still_lurking_arm_boxes/https://old.reddit.com/r/LinuxMalware/comments/a66dsz/ddostf_still_lurking_arm_boxes/
#72https://github.com/timb-machine/linux-malware/issues/72
https://blog.avast.com/2013/08/27/linux-trojan-hand-of-thief-ungloved/https://blog.avast.com/2013/08/27/linux-trojan-hand-of-thief-ungloved/
#503https://github.com/timb-machine/linux-malware/issues/503
https://www.intezer.com/blog/research/lightning-framework-new-linux-threat/https://www.intezer.com/blog/research/lightning-framework-new-linux-threat/
#470https://github.com/timb-machine/linux-malware/issues/470
/malware/binaries/Lightninghttps://github.com/timb-machine/linux-malware/tree/main/malware/binaries/Lightning
https://unit42.paloaltonetworks.com/pgminer-postgresql-cryptocurrency-mining-botnet/https://unit42.paloaltonetworks.com/pgminer-postgresql-cryptocurrency-mining-botnet/
#351https://github.com/timb-machine/linux-malware/issues/351
https://twitter.com/bkMSFT/status/1417823714922610689https://twitter.com/bkMSFT/status/1417823714922610689
#328https://github.com/timb-machine/linux-malware/issues/328
#329https://github.com/timb-machine/linux-malware/issues/329
https://zhuanlan.zhihu.com/p/348960748https://zhuanlan.zhihu.com/p/348960748
#403https://github.com/timb-machine/linux-malware/issues/403
https://vms.drweb.com/virus/?i=15389228https://vms.drweb.com/virus/?i=15389228
#326https://github.com/timb-machine/linux-malware/issues/326
https://twitter.com/IntezerLabs/status/1291355808811409408https://twitter.com/IntezerLabs/status/1291355808811409408
#346https://github.com/timb-machine/linux-malware/issues/346
https://doublepulsar.com/cyber-toufan-goes-oprah-mode-with-free-linux-system-wipes-of-over-100-organisations-eaf249b042dchttps://doublepulsar.com/cyber-toufan-goes-oprah-mode-with-free-linux-system-wipes-of-over-100-organisations-eaf249b042dc
#786https://github.com/timb-machine/linux-malware/issues/786
https://www.welivesecurity.com/2017/01/05/killdisk-now-targeting-linux-demands-250k-ransom-cant-decrypt/https://www.welivesecurity.com/2017/01/05/killdisk-now-targeting-linux-demands-250k-ransom-cant-decrypt/
#308https://github.com/timb-machine/linux-malware/issues/308
https://www.trendmicro.com/en_us/research/22/e/new-linux-based-ransomware-cheerscrypt-targets-exsi-devices.htmlhttps://www.trendmicro.com/en_us/research/22/e/new-linux-based-ransomware-cheerscrypt-targets-exsi-devices.html
#442https://github.com/timb-machine/linux-malware/issues/442
#544https://github.com/timb-machine/linux-malware/issues/544
https://unit42.paloaltonetworks.com/black-t-cryptojacking-variant/https://unit42.paloaltonetworks.com/black-t-cryptojacking-variant/
#327https://github.com/timb-machine/linux-malware/issues/327
Readme https://github.com/timb-machine/linux-malware#readme-ov-file
Unlicense license https://github.com/timb-machine/linux-malware#Unlicense-1-ov-file
Please reload this pagehttps://github.com/timb-machine/linux-malware
Activityhttps://github.com/timb-machine/linux-malware/activity
94 forkshttps://github.com/timb-machine/linux-malware/forks
Report repository https://github.com/contact/report-content?content_url=https%3A%2F%2Fgithub.com%2Ftimb-machine%2Flinux-malware&report=timb-machine+%28user%29
Releaseshttps://github.com/timb-machine/linux-malware/releases
Packages 0https://github.com/users/timb-machine/packages?repo_name=linux-malware
Please reload this pagehttps://github.com/timb-machine/linux-malware
Please reload this pagehttps://github.com/timb-machine/linux-malware
Contributorshttps://github.com/timb-machine/linux-malware/graphs/contributors
Please reload this pagehttps://github.com/timb-machine/linux-malware
HTML 95.4% https://github.com/timb-machine/linux-malware/search?l=html
Shell 4.0% https://github.com/timb-machine/linux-malware/search?l=shell
Python 0.4% https://github.com/timb-machine/linux-malware/search?l=python
Perl 0.1% https://github.com/timb-machine/linux-malware/search?l=perl
PHP 0.1% https://github.com/timb-machine/linux-malware/search?l=php
C 0.0% https://github.com/timb-machine/linux-malware/search?l=c
https://github.com
Termshttps://docs.github.com/site-policy/github-terms/github-terms-of-service
Privacyhttps://docs.github.com/site-policy/privacy-policies/github-privacy-statement
Securityhttps://github.com/security
Statushttps://www.githubstatus.com/
Communityhttps://github.community/
Docshttps://docs.github.com/
Contacthttps://support.github.com?tags=dotcom-footer

Viewport: width=device-width


URLs of crawlers that visited me.