From: robin_listas@es.invalid   
      
   On 2025-02-28 08:45, Hank wrote:   
   > https://unit42.paloaltonetworks.com/new-linux-backdoor-auto-color/   
   >   
   > Between early November and December 2024, Palo Alto Networks researchers   
   > discovered new Linux malware called Auto-color. We chose this name based on   
   > the file name the initial payload renames itself after installation.   
   >   
   > The malware employs several methods to avoid detection, such as:   
   >   
   > Using benign-looking file names for operating   
   > Hiding remote command and control (C2) connections using an advanced   
   > technique similar to the one used by the Symbiote malware family   
   > Deploying proprietary encryption algorithms to hide communication and   
   > configuration information   
   > Once installed, Auto-color allows threat actors full remote access to   
   > compromised machines, making it very difficult to remove without   
   > specialized software.   
      
      
   The important information, which is how it enters initially a machine,   
   is missing. It seems to be root running an infected executable.   
      
   --   
   Cheers, Carlos.   
      
   --- SoupGate-DOS v1.05   
    * Origin: you cannot sedate... all the things you hate (1:229/2)