Concrete signature match: Backdoor - Provides unauthorized remote access for Linux platform, family Gafgyt
Backdoor:Linux/Gafgyt.G!xp is a backdoor from Gafgyt (also known as BASHLITE), a well-known IoT/Linux botnet family. Once running, it enrolls the device in a botnet controlled by a remote attacker, who can then direct the infected system to take part in large-scale Distributed Denial-of-Service (DDoS) attacks.
No detailed analysis available from definition files.
Associated file indicators (five 64-character hexadecimal values, consistent in length with SHA-256 digests; the page does not name the hash algorithm):
4cef2f42c2e651543666352a1b44c34f9326f697d0691b294f76c5b38d218ec0
ae614a16f3ff3402122dea17e0909d4461c3e15115dd757e291d472db7a6fe6a
ce2349d37e0c1bf59794ee20811b70b8bf938b9285db88f80a070df4a22429b6
4be859320d5b8ab6fd196653cdf8fbdb2341144f5b0a4e88eed63e5fbbb0d999
14658caa1212b1012c67587a0cd5834dac54cffbb732351405dc1e294456fa7f

Remediation: Immediately isolate the compromised device from the network so it can no longer reach its command-and-control (C2) server or take part in DDoS attacks. If the incident will be investigated, preserve a copy of the malicious binary and relevant logs before wiping anything. Re-image the system from a known-good source, or remove the malware together with every persistence mechanism it installed (cron entries, init scripts, systemd units, modified startup files). Rotate all credentials on the device, including default or weak Telnet/SSH passwords that Gafgyt variants commonly brute-force, and patch the vulnerability or exposed service used for initial access so the device is not simply reinfected.
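The hash sweep a responder would run before deciding between re-imaging and manual cleanup, as an added example for this page (not tooling shipped with the definition). It assumes the five 64-hex values listed above are SHA-256 file hashes, which the page does not state, and the default scan roots are an assumption about a typical embedded Linux layout; pass your own directories on the command line.

```python
"""Sweep a Linux filesystem for files whose SHA-256 matches the indicators
listed for Backdoor:Linux/Gafgyt.G!xp.

Added example for this definition page, not tooling shipped with it. It
ASSUMES the five 64-hex values on the page are SHA-256 file hashes; the
page itself does not name the hash algorithm.
"""
import hashlib
import os
from typing import Iterable, Iterator, List, Set, Tuple

# The five 64-hex-character values listed on the page.
IOC_HASHES: Set[str] = {
    "4cef2f42c2e651543666352a1b44c34f9326f697d0691b294f76c5b38d218ec0",
    "ae614a16f3ff3402122dea17e0909d4461c3e15115dd757e291d472db7a6fe6a",
    "ce2349d37e0c1bf59794ee20811b70b8bf938b9285db88f80a070df4a22429b6",
    "4be859320d5b8ab6fd196653cdf8fbdb2341144f5b0a4e88eed63e5fbbb0d999",
    "14658caa1212b1012c67587a0cd5834dac54cffbb732351405dc1e294456fa7f",
}

# Assumed scan roots for a typical embedded Linux box: world-writable
# staging directories plus the usual binary and home locations.
DEFAULT_ROOTS = ("/tmp", "/var/tmp", "/dev/shm", "/usr/bin", "/bin", "/root", "/home")


def sha256_hex(data: bytes) -> str:
    """SHA-256 of an in-memory buffer as a lower-case hex digest."""
    return hashlib.sha256(data).hexdigest()


def sha256_file(path: str, chunk: int = 1 << 20) -> str:
    """Stream the file in 1 MiB chunks so large binaries need not fit in RAM."""
    h = hashlib.sha256()
    with open(path, "rb") as fh:
        for block in iter(lambda: fh.read(chunk), b""):
            h.update(block)
    return h.hexdigest()


def normalize_iocs(raw: Iterable[str]) -> Set[str]:
    """Lower-case and validate each indicator. Anything that is not exactly
    64 hex characters raises, so a copy-paste error cannot silently shrink
    the IOC set and produce a false 'clean' result."""
    out: Set[str] = set()
    for value in raw:
        v = value.strip().lower()
        if len(v) != 64 or any(c not in "0123456789abcdef" for c in v):
            raise ValueError(f"not a SHA-256 hex digest: {value!r}")
        out.add(v)
    return out


def match_digest(digest: str, iocs: Set[str]) -> bool:
    """Case-insensitive membership test against the IOC set."""
    return digest.strip().lower() in iocs


def iter_regular_files(roots: Iterable[str]) -> Iterator[str]:
    """Yield regular files under roots without following symlinks, so a
    planted symlink into /proc or /dev cannot stall or mislead the sweep.
    Missing roots are skipped silently."""
    for root in roots:
        if not os.path.isdir(root):
            continue
        for dirpath, _dirnames, filenames in os.walk(root, followlinks=False):
            for name in filenames:
                path = os.path.join(dirpath, name)
                if os.path.isfile(path) and not os.path.islink(path):
                    yield path


def scan_paths(roots: Iterable[str], iocs: Set[str]) -> List[Tuple[str, str]]:
    """Return (path, digest) for every regular file whose SHA-256 is in iocs.
    Unreadable files (permissions, races with a self-deleting dropper) are
    skipped rather than aborting the whole sweep."""
    hits: List[Tuple[str, str]] = []
    for path in iter_regular_files(roots):
        try:
            digest = sha256_file(path)
        except OSError:
            continue
        if match_digest(digest, iocs):
            hits.append((path, digest))
    return hits


if __name__ == "__main__":
    import sys

    roots = sys.argv[1:] or DEFAULT_ROOTS
    for hit_path, hit_digest in scan_paths(roots, normalize_iocs(IOC_HASHES)):
        print(f"MATCH {hit_digest} {hit_path}")
```

A hit only tells you that this exact sample is present; a Gafgyt variant recompiled for another architecture or repacked will not match, so an empty result does not clear the device. Use the sweep to confirm a detection and to find dropped copies, then follow the isolation and rebuild steps above regardless.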