Concrete signature match: Backdoor - Provides unauthorized remote access for Linux platform, family Gafgyt
This threat is a backdoor from the Gafgyt malware family, which targets Linux systems to incorporate them into a botnet. Infected devices are then used by attackers to launch Distributed Denial-of-Service (DDoS) attacks. The detection was made by a machine learning model based on the file's behavior.
No specific strings found for this threat
Isolate the affected Linux host from the network. Use security tools to terminate the malicious process and remove the associated files. Investigate the root cause, change all credentials (especially for SSH/Telnet), and apply security patches to prevent re-infection.