New Diamorphine rootkit variant seen undetected in the wild
Malware Analysis, News and Indicators - Latest topics malware.news
Introduction
Code reuse is very common in malware, especially for the parts of a sample that are complex to develop or hard to rewrite in an essentially different way. By tracking both source code and object code, we efficiently detect new malware and track the evolution of existing malware in the wild.
Diamorphine is a well-known Linux kernel rootkit that supports different Linux kernel versions (2.6.x, 3.x, 4.x, 5.x and 6.x) and processor architectures (x86 …