Concrete signature match: Backdoor - provides unauthorized remote access. Platform: Linux. Family: Gafgyt.
Backdoor:Linux/Gafgyt.AF!MTB is a detection name for a variant of Gafgyt (also known as BASHLITE), a botnet malware family that targets Linux systems, in particular routers and other embedded/IoT devices. Gafgyt typically infects a device by brute-forcing default or weak Telnet/SSH credentials or by exploiting known vulnerabilities in exposed services, then registers the device with an attacker-controlled command-and-control server. Compromised systems are used to launch Distributed Denial-of-Service (DDoS) attacks (for example UDP, TCP and HTTP floods) against targets chosen by the botnet operator.
No detailed analysis available from definition files.
Associated hashes (64 hex digits each, consistent with SHA-256; the definition does not state the algorithm):
e8bb8d83dc62c7b4830d5a8a797175435f6182a9afad0f33d4ef780a8def60f4
93ce367e397ebeb13d489cf11de4a2abad29711030e29e47e91f967a983fdbf0
d414a840df9701ed5446a7411c01553d8fc08bd1ce1c435d6d9a7de0a9073556
93ab7c9aecdabd7a07fe344189d38e8be5556b508cf5c0296e15aa081091b9c4
e2e67d52821162ef4e0eccc5f36cfb8fe50a49fbd6157ce90603c4d3dc9694b3
Remediation:
1. Isolate the affected Linux system from the network so it can neither receive commands from the botnet controller nor take part in attacks.
2. Identify the malicious Gafgyt process, terminate it, and remove its executable together with any persistence mechanisms (e.g., cron jobs, startup scripts such as rc.local or init scripts, systemd units) that would relaunch it.
3. Change all credentials, in particular default or weak Telnet/SSH passwords, and apply all security patches to the OS, applications and device firmware to prevent reinfection.
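The remediation steps above require locating the Gafgyt binary and the hooks that relaunch it. The following is an added example, not code from this signature entry or from any vendor: a POSIX shell triage helper that sweeps a directory tree for files whose SHA-256 matches the hashes listed above (treating them as SHA-256 is an assumption, since the definition does not name the algorithm) and then greps the usual cron and startup-script locations for references to a suspect path. The function names, the ROOT argument and the list of persistence locations are my own choices; GNU coreutils, findutils and grep are assumed.

```shell
#!/bin/sh
# Added triage helper for the remediation steps above (not code from the
# signature entry). Assumes the page's five hashes are SHA-256 and that GNU
# sha256sum, find, xargs and grep are available. Function names are my own.

# The five 64-hex values listed on the page, one per line.
IOC_HASHES='e8bb8d83dc62c7b4830d5a8a797175435f6182a9afad0f33d4ef780a8def60f4
93ce367e397ebeb13d489cf11de4a2abad29711030e29e47e91f967a983fdbf0
d414a840df9701ed5446a7411c01553d8fc08bd1ce1c435d6d9a7de0a9073556
93ab7c9aecdabd7a07fe344189d38e8be5556b508cf5c0296e15aa081091b9c4
e2e67d52821162ef4e0eccc5f36cfb8fe50a49fbd6157ce90603c4d3dc9694b3'

# find_ioc_matches DIR
# Print "<sha256>  <path>" for every regular file under DIR whose SHA-256
# appears in $IOC_HASHES. Exit status is 0 whether or not anything matched,
# so the function is safe to call under set -e.
find_ioc_matches() {
    _dir=$1
    find "$_dir" -type f -print0 2>/dev/null \
        | xargs -0 -r sha256sum 2>/dev/null \
        | while read -r _h _p; do
              # substring match against the newline-separated hash list
              case "$IOC_HASHES" in
                  *"$_h"*) printf '%s  %s\n' "$_h" "$_p" ;;
              esac
          done
}

# find_persistence_refs NEEDLE [ROOT]
# List files in the common cron and startup locations (under ROOT, default /)
# that contain NEEDLE as a fixed string, e.g. the path of a binary reported by
# find_ioc_matches. Missing locations are skipped; no match is not an error.
find_persistence_refs() {
    _needle=$1
    _root=${2:-}
    for _loc in etc/crontab etc/cron.d etc/cron.hourly etc/cron.daily \
                etc/cron.weekly var/spool/cron etc/rc.local etc/init.d \
                etc/rc.d etc/systemd/system; do
        _path="$_root/$_loc"
        if [ -e "$_path" ]; then
            grep -rIlF -- "$_needle" "$_path" 2>/dev/null || true
        fi
    done
}

# Usage on an already network-isolated host, e.g.:
#   . ./gafgyt_triage.sh
#   find_ioc_matches /tmp                # hash sweep of one tree ("/" for all)
#   find_persistence_refs /tmp/.x        # what would relaunch /tmp/.x?
```

Run the hash sweep before killing anything so that a binary which deletes itself after start-up is still on disk to be hashed; the persistence sweep then tells you which cron entry, init script or unit file has to go along with the executable (step 2), and any credential found inside those files belongs on the step 3 rotation list.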