Concrete signature match: Backdoor - Provides unauthorized remote access for Linux platform, family Gafgyt
Backdoor:Linux/Gafgyt.I!xp is a backdoor targeting Linux systems, commonly IoT devices, to enlist them into a botnet. Compromised devices are then used by attackers to launch large-scale Distributed Denial-of-Service (DDoS) attacks and are subject to further remote control.
No detailed analysis available from definition files.
Immediately isolate the affected Linux system from the network. Identify and remove the malicious file and any persistence mechanisms established by the threat. Change all default or weak credentials, disable unnecessary services (e.g., Telnet), and consider reimaging or factory resetting the device.