A Deep-Dive on Symbiote: A New, Nearly-Impossible-to-Detect Linux Threat

Presented by

Dmitry Bestuzhev, Most Distinguished Threat Researcher | BlackBerry

About this talk

A few months ago, in a joint collaboration with Intezer, we discovered a new, previously undetected malware that acts in a parasitic nature and affects Linux® operating systems. It appears to have been written to target the financial sector in Latin America. We have aptly named this malware Symbiote. Symbiote is a highly evasive malware whose main objective is to capture credentials and to facilitate backdoor access to infected machines. Once on the host machine, it cleverly hides itself, its network traffic, and any other malware used by the threat actor. Because it operates as a userland-level rootkit, detecting a Symbiote infection may be nearly impossible. What makes Symbiote different from other Linux malware is its ability to infect running processes, rather than using a standalone executable file to inflict damage. Symbiote is one of the most sophisticated Linux threats we’ve seen in recent times, but trends we’ve observed in the current threat landscape suggest it won’t be the last. Please join our Most Distinguished Threat Researcher Dmitry Bestuzhev on this deep dive to learn more about Symbiote and how to protect your users and your network environment against it.

BlackBerry (NYSE: BB; TSX: BB) provides intelligent security software and services to enterprises and governments around the world. The company secures more than 500M endpoints including 150M cars on the road today. Based in Waterloo, Ontario, the company leverages AI and machine learning to deliver innovative solutions in the areas of cybersecurity, safety and data privacy solutions, and is a leader in the areas of endpoint security management, encryption, and embedded systems. BlackBerry’s vision is clear — to secure a connected future you can trust. For more information, visit BlackBerry.com and follow @BlackBerry.