Concrete signature match: Backdoor - Provides unauthorized remote access for Linux platform, family Mirai
This threat is a variant of the Mirai botnet, which infects Linux systems by exploiting weak or default credentials. Once compromised, the device is added to a botnet to participate in large-scale Distributed Denial-of-Service (DDoS) attacks. The '!MTB' suffix indicates this was identified through machine learning behavioral analysis.
No detailed analysis available from definition files.
Isolate the affected Linux system (e.g., WSL, container, or VM) from the network to prevent further malicious activity. Identify and remove the malware, then conduct a security review. Harden the system by changing all default credentials to strong, unique passwords and disabling any unnecessary network services.