New Stealthy Shikitega Malware Targets Linux Systems and IoT Devices

The new stealthy Shikitega malware uses a multi-stage infection chain to compromise Linux systems and IoT devices. It deposits additional payloads and was previously unheard of.

According to AT&T Alien Labs, this piece of software lets an attacker gain total control of the computer and also set up a cryptocurrency miner that keeps running.

Shikitega joins other Linux malware found recently, including BPFDoor, Symbiote, Syslogk, OrBit, and Lightning Framework.

The malware installs Metasploit’s “Mettle” meterpreter and uses it to download a persistent stealth executable on the victim’s device, and then launches a cryptocurrency miner.

The exact way this malware strikes isn’t clear yet, but it can download a payload from the command-and-control server and then execute it directly in memory.

By exploiting CVE-2021-4034 (aka PwnKit) and CVE-2021-3493, the adversary gains elevated permissions and uses them to fetch and execute the final-stage shell scripts with root privileges. They can then establish persistence or deploy Monero crypto miners.

The malware operators employ a Shikata ga nai encoder to avoid detection. AT&T researchers found that hackers are getting more advanced and finding new ways to deliver malware to avoid detection.

A sophisticated malware package will be delivered in phases. At every step, only a portion of the total payload will be revealed until the full payload is unleashed onto the system.
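A triage heuristic for the in-memory, self-decoding execution described above, as an added example that is not from the original article or from AT&T Alien Labs: it flags executable memory regions in `/proc/<pid>/maps` that are also writable or whose backing file has been deleted. The sample lines and function names are constructed for illustration, and the heuristic is a generic assumption about in-memory payloads rather than a Shikitega signature; JIT runtimes can also trigger it.

```python
import re

# One /proc/<pid>/maps line: address range, perms, offset, dev, inode, optional path.
MAPS_LINE = re.compile(
    r"^([0-9a-f]+)-([0-9a-f]+)\s+([r-][w-][x-][ps])\s+[0-9a-f]+\s+\S+\s+(\d+)\s*(.*)$"
)

# Constructed sample (not taken from a real infection): a normal binary,
# a writable+executable anonymous region, and a deleted memfd-backed image.
SAMPLE_MAPS = """\
00400000-00452000 r-xp 00000000 08:02 173521 /usr/bin/dbus-daemon
00651000-00652000 rw-p 00051000 08:02 173521 /usr/bin/dbus-daemon
7f2c8a000000-7f2c8a021000 rwxp 00000000 00:00 0
7f2c8b400000-7f2c8b410000 r-xp 00000000 00:01 4093 /memfd:x (deleted)
7ffd1c5e0000-7ffd1c601000 rw-p 00000000 00:00 0 [stack]
"""

def suspicious_mappings(maps_text):
    """Return (start, size, perms, reason) for regions worth a closer look."""
    findings = []
    for line in maps_text.splitlines():
        m = MAPS_LINE.match(line.strip())
        if not m:
            continue
        start, end, perms, _inode, path = m.groups()
        size = int(end, 16) - int(start, 16)
        if "x" not in perms:
            continue
        if "w" in perms:
            # Self-decoding code needs memory that is writable and executable.
            kind = "file-backed" if path.startswith("/") else "anonymous"
            findings.append((start, size, perms, f"W+X {kind} region"))
        elif path.endswith("(deleted)"):
            # Executable code whose backing file no longer exists on disk.
            findings.append((start, size, perms, "executable mapping of deleted file"))
    return findings

def scan_pid(pid):
    """Scan a live process; needs permission to read /proc/<pid>/maps."""
    with open(f"/proc/{pid}/maps") as fh:
        return suspicious_mappings(fh.read())

if __name__ == "__main__":
    for start, size, perms, reason in suspicious_mappings(SAMPLE_MAPS):
        print(f"0x{start} {size:>8} bytes {perms} {reason}")
```

A hit is a lead for memory acquisition and further analysis, not a verdict on its own.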
