Sedexp Malware: The Stealthy Linux Threat Evading Detection
Security Boulevard, Monday, September 9th, 2024
A new, sophisticated Linux malware named 'sedexp' has been discovered, quietly evading detection since 2022.
Its unique persistence technique, leveraging udev rules, has allowed it to operate under the radar, making it a particularly dangerous threat. This article explores how this malware operates, its unique evasion strategies, and the implications for Linux security.
How Does sedexp Work?
Sedexp, as identified by risk management firm Stroz Friedberg, can provide attackers with remote access to compromised systems. By exploiting the udev device management system, the malware ensures its persistence, making it difficult to eradicate. Udev rules are configuration files that define how the Linux kernel should handle specific devices or events.