Concrete signature match: Backdoor - Provides unauthorized remote access for Linux platform, family Mirai
This detection identifies a variant of the Mirai botnet malware targeting Linux systems. The malware acts as a backdoor, allowing an attacker to take control of the infected device and use it to participate in large-scale Distributed Denial-of-Service (DDoS) attacks. It typically spreads by scanning the internet for devices with weak or default credentials.
No detailed analysis available from definition files.
Isolate the compromised Linux system from the network immediately to prevent further spread or participation in attacks. Re-image the system from a known-good backup to ensure complete removal. Harden the system by changing all default/weak credentials, disabling unused services like Telnet, and implementing strict firewall rules.