I published the following diary on isc.sans.org: “Malicious Bash Script with Multiple Features“:
It’s not common to find a complex malicious bash script. Usually, bash scripts are used to download a malicious executable and start it. This one has been spotted by @michalmalik who twitted about it. I had a quick look at it. The script has currently a score of 13/50 on VT. First of all, the script installs some tools and dependencies. ‘apt-get’ and ‘yum’ are used, this means that multiple Linux distributions are targeted… [Read more]
One comment