diamorpinecryptominer-anyrun2025
2025-05-07
Tweet by ANY.RUN
May 7, 2025
| Notes |
|---|
| Diamorphine |
| rootkit |
| cryptocurrency miner |
| Linux malware |
| system call |
| hooking |
| SSH key theft |
| privilege escalation |
| persistence |
| systemd |
| territorial malware |
| binary replacement: ps |
https://x.com/anyrun_app/status/1920124091920515476
Linux Persistence: Modular Software
2025-04-17 DFIR CTF persistence linux persistence apache asterisk
Linux Persistence: Web Shells
2025-04-16 DFIR persistence webshell linux persistence webshell apache nginx PHP
Linux Persistence: Rootkits
2025-04-15 DFIR persistence rootkit LKM linux persistence LKM rootkit LD_PRELOAD kprobe ftrace ld.so hooking
Defanging Linux LKM Rootkits With cleanup_module()
2025-04-05 Linux LKM rootkits EDR hooks incident response Linux LKM rootkit