Unveiling sedexp: A Stealthy Linux Malware Exploiting udev Rules

Aug. 23, 2024, 10 a.m.

Description

Stroz Friedberg discovered sedexp, a stealthy Linux malware family that uses udev rules to persist across reboots and to evade detection. It provides reverse-shell capabilities and advanced concealment techniques. It is deployed by a financially motivated threat actor: sedexp has been used to hide credit-card scraping code, indicating a focus on financial gain. Although it has been active since 2022, multiple publicly available samples had zero detections, highlighting how evasive it is.
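A udev rule can carry a RUN+= key, which makes udev execute a program as root whenever a device event matches the rule; because the init system replays "add" events for every device already present at boot, a rule keyed on a device that always exists is re-executed on every reboot. The hunt script below, an added example that is not code from Stroz Friedberg's report and does not reproduce sedexp's own rule, parses udev rule files and scores rules that execute programs from untrusted locations or that fire on always-present devices. The trusted and untrusted directory lists, the scoring weights, the reporting threshold and the sample rules are assumptions of this example, not indicators published for sedexp.

```python
"""Hunt for udev rules that execute programs (a root persistence channel).

Added example; the heuristics, weights and sample rules are assumptions.
"""
import re
from pathlib import Path

# One udev rule token: KEY or KEY{attr}, an operator, and a double-quoted value.
TOKEN_RE = re.compile(
    r'\s*([A-Za-z_]+(?:\{[^}]*\})?)\s*(==|!=|\+=|-=|:=|=)\s*"((?:[^"\\]|\\.)*)"\s*,?'
)

# Where udev's own helper programs normally live (assumption: anything else is worth a look).
TRUSTED_RUN_DIRS = ("/lib/udev/", "/usr/lib/udev/", "/bin/", "/usr/bin/", "/sbin/", "/usr/sbin/")
# World-writable or user-controlled locations a legitimate udev helper should not come from.
UNTRUSTED_RUN_DIRS = ("/tmp/", "/var/tmp/", "/dev/shm/", "/home/", "/root/", "/var/www/")
# Character devices of the "mem" subsystem (major number 1) always exist, so an
# ACTION=="add" rule keyed on them re-fires at every boot when udev coldplugs.
ALWAYS_PRESENT_KERNEL_NAMES = {"null", "zero", "full", "random", "urandom", "kmsg", "mem"}
REVERSE_SHELL_IDIOMS = ("/dev/tcp/", "bash -i", "nc ", "ncat ", "socat ")
# Directories udev reads rule files from; a file in /etc overrides a same-named one elsewhere.
RULES_DIRS = ("/etc/udev/rules.d", "/run/udev/rules.d", "/usr/lib/udev/rules.d", "/lib/udev/rules.d")
REPORT_THRESHOLD = 3  # assumption: report rules scoring at least this much


def parse_rule(line):
    """Parse one rule line into [(key, op, value), ...].

    Returns None for blank lines and comments; raises ValueError when the line
    is not valid udev syntax (itself a weak signal worth reporting).
    """
    line = line.strip()
    if not line or line.startswith("#"):
        return None
    tokens, pos = [], 0
    while pos < len(line):
        m = TOKEN_RE.match(line, pos)
        if m is None:
            raise ValueError(f"unparseable at offset {pos}: {line[pos:pos + 20]!r}")
        tokens.append((m.group(1), m.group(2), m.group(3)))
        pos = m.end()
    return tokens


def assess_rule(tokens):
    """Score a parsed rule; returns (score, reasons). Score 0 means it runs nothing."""
    runs = [v for k, op, v in tokens
            if k in ("RUN", "RUN{program}") and op in ("+=", "=", ":=")]
    if not runs:
        return 0, []
    score, reasons = 1, ["rule executes an external program via RUN"]
    for cmd in runs:
        parts = cmd.split()
        prog = parts[0] if parts else cmd
        if prog.startswith(UNTRUSTED_RUN_DIRS) or "/." in prog:
            score += 3
            reasons.append(f"program in untrusted or hidden path: {prog}")
        elif not prog.startswith(TRUSTED_RUN_DIRS):
            score += 2
            reasons.append(f"program outside udev helper directories: {prog}")
        if any(idiom in cmd for idiom in REVERSE_SHELL_IDIOMS):
            score += 3
            reasons.append("command line contains a reverse-shell idiom")
    matches = {(k, v) for k, op, v in tokens if op == "=="}
    always_present = (
        ("SUBSYSTEM", "mem") in matches
        or ("ENV{MAJOR}", "1") in matches
        or any(k == "KERNEL" and v in ALWAYS_PRESENT_KERNEL_NAMES for k, v in matches)
    )
    if ("ACTION", "add") in matches and always_present:
        score += 2
        reasons.append("ACTION==add keyed on an always-present device: re-runs at every boot")
    return score, reasons


def scan_rules(text, source="<inline>"):
    """Return findings (dicts) for every rule in `text` scoring >= REPORT_THRESHOLD."""
    findings = []
    for lineno, raw in enumerate(text.splitlines(), 1):
        try:
            tokens = parse_rule(raw)
        except ValueError as exc:
            findings.append({"source": source, "line": lineno, "rule": raw.strip(),
                             "score": REPORT_THRESHOLD, "reasons": [f"malformed rule: {exc}"]})
            continue
        if tokens is None:
            continue
        score, reasons = assess_rule(tokens)
        if score >= REPORT_THRESHOLD:
            findings.append({"source": source, "line": lineno, "rule": raw.strip(),
                             "score": score, "reasons": reasons})
    return findings


def scan_system(dirs=RULES_DIRS):
    """Walk the real rules directories on this host and collect findings."""
    findings = []
    for d in dirs:
        if not Path(d).is_dir():
            continue
        for path in sorted(Path(d).glob("*.rules")):
            try:
                findings.extend(scan_rules(path.read_text(errors="replace"), str(path)))
            except OSError:
                continue
    return findings


# Constructed sample rules file (not taken from any real system or from sedexp).
SAMPLE_RULES = """\
# constructed sample rules for the example
ACTION=="add", SUBSYSTEM=="usb", ATTR{idVendor}=="1d6b", RUN+="/usr/lib/udev/hid2hci --method=dell"
ACTION=="add", SUBSYSTEM=="mem", KERNEL=="random", RUN+="/dev/shm/.cache/update run"
ACTION=="remove", SUBSYSTEM=="block", RUN+="/usr/bin/logger block-removed"
KERNEL=="sd*", ENV{ID_FS_TYPE}=="vfat", ENV{UDISKS_AUTO}="0"
"""

if __name__ == "__main__":
    for f in scan_rules(SAMPLE_RULES) + scan_system():
        print(f"{f['source']}:{f['line']} score={f['score']}  {f['rule']}")
        for r in f["reasons"]:
            print("    -", r)
```

Run it as root on a suspect host to cover every rules directory; on the constructed sample only the rule that runs a hidden binary from /dev/shm on the always-present /dev/random device crosses the threshold, while the two legitimate RUN helpers score just 1. A rule that scores low is not cleared by this: the program it names still needs to be checked against the package manager and the file hashes listed under Indicators.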

Date

  • Created: Aug. 23, 2024, 9:39 a.m.
  • Published: Aug. 23, 2024, 9:39 a.m.
  • Modified: Aug. 23, 2024, 10 a.m.

Indicators (SHA-256 file hashes)

  • b981948d51e344972d920722385f2370caf1e4fac0781d508bc1f088f477b648
  • 94ef35124a5ce923818d01b2d47b872abd5840c4f4f2178f50f918855e0e5ca2
  • 43f72f4cdab8ed40b2f913be4a55b17e7fd8a7946a636adb4452f685c1ffea02

Attack Patterns