Detection of Defense Evasion Techniques Targeting Linux Using AhnLab EDR (2)

  • In a previous blog post, we discussed evasion techniques used by attackers and malware to hide from security services and modules after attacking a Linux server.
  • This blog post covers additional Linux defense evasion techniques that were not discussed in the previous post.
  • One technique for hiding malware is self-deletion: the malware deletes its own file during execution to avoid detection by administrators.
  • Another technique involves deleting various log files that record the process from initial infiltration to the installation of the malware.
  • These actions are performed by attackers to avoid detection and to maintain persistence on the compromised Linux system.
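
As an added example (not from the AhnLab post and not AhnLab EDR's logic), here is a defender-side Python check for the two behaviors above: a running process whose executable has been unlinked, and a process still holding open a deleted file under /var/log. It relies on the Linux kernel appending " (deleted)" to /proc link targets; the names scan, proc_root and log_dir are this example's own.

```python
import os

DELETED = " (deleted)"  # suffix the kernel appends to /proc link targets of unlinked files


def _links(directory):
    """Yield (name, target) for each readable symlink in directory."""
    try:
        names = os.listdir(directory)
    except OSError:
        return  # process exited or we lack permission to list its fds
    for name in names:
        try:
            yield name, os.readlink(os.path.join(directory, name))
        except OSError:
            continue


def scan(proc_root="/proc", log_dir="/var/log/"):
    """Return sorted (pid, kind, original_path) findings.

    proc_root and log_dir are parameters of this example so it can be
    pointed at a test tree; on a live host the defaults apply.
    """
    findings = []
    for pid in filter(str.isdigit, os.listdir(proc_root)):
        base = os.path.join(proc_root, pid)
        try:
            exe = os.readlink(os.path.join(base, "exe"))
        except OSError:
            exe = ""  # kernel thread, exited process, or insufficient privilege
        if exe.endswith(DELETED):
            findings.append((int(pid), "deleted-exe", exe[:-len(DELETED)]))
        for _fd, target in _links(os.path.join(base, "fd")):
            # A daemon still writing to a log that was removed underneath it
            if target.startswith(log_dir) and target.endswith(DELETED):
                findings.append((int(pid), "deleted-log", target[:-len(DELETED)]))
    return sorted(findings)


if __name__ == "__main__":
    for pid, kind, path in scan():
        print(f"pid={pid} {kind} {path}")
```

Run it as root so every process's exe and fd links are readable. A deleted executable also appears after a package upgrade replaces a binary that is still running, so treat each hit as a triage lead.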

https://asec.ahnlab.com/ko/67359/