A Linux malware called 'sedexp' has remained undetected since 2022 by employing a stealthy persistence technique not currently listed in the MITRE ATT&CK framework.
Discovered by risk management firm Stroz Friedberg, an Aon Insurance company, this malware allows its operators to establish reverse shells for remote access, facilitating further infiltration.
"The persistence method employed (udev rules) is currently absent from the MITRE ATT&CK documentation," the researchers point out, underscoring sedexp's advanced nature as it lurks in plain sight.
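Because udev rules run a command whenever a matching device event fires, a defender's first check is to enumerate every `RUN`, `PROGRAM` and `IMPORT` directive across the rule directories and flag those that invoke a shell, scripting interpreter or network tool, which ordinary hardware-setup rules rarely need. The script below is an added example written for this page, not code from the article or from Stroz Friedberg's report; the sample rule file is constructed, the list of "suspicious" commands is a heuristic of my own, and nothing in it reflects the actual sedexp rule contents, which the article does not give.

```python
import re
import sys
from pathlib import Path

# Directories udev reads *.rules files from (roughly highest to lowest precedence).
UDEV_RULE_DIRS = ("/etc/udev/rules.d", "/run/udev/rules.d",
                  "/usr/lib/udev/rules.d", "/lib/udev/rules.d")

# udev keys whose value is executed when the rule matches, e.g. RUN+="...",
# PROGRAM="..." or IMPORT{program}="...".
EXEC_KEY_RE = re.compile(
    r'\b(?P<key>RUN|PROGRAM|IMPORT)(?:\{[^}]*\})?\s*(?:\+=|:=|=)\s*"(?P<cmd>[^"]*)"')

# Heuristic (my assumption, not from the article): interpreters and network tools
# are rarely needed to set up a device node, so a rule invoking one deserves review.
SUSPICIOUS_CMD_RE = re.compile(
    r'(?:^|/|\s)(?:sh|bash|dash|zsh|python[0-9.]*|perl|nc|ncat|socat|curl|wget)\b')


def logical_lines(text):
    """Join backslash-continued lines and skip blanks and comments.
    Yields (first_line_no, rule_text) so findings can be located in the file."""
    buf, start = "", 0
    for n, line in enumerate(text.splitlines(), 1):
        if not buf:
            start = n
        if line.endswith("\\"):
            buf += line[:-1]
            continue
        rule = (buf + line).strip()
        buf = ""
        if rule and not rule.startswith("#"):
            yield start, rule


def exec_directives(text):
    """Return [(line_no, key, command)] for every RUN/PROGRAM/IMPORT in rule text."""
    out = []
    for n, rule in logical_lines(text):
        for m in EXEC_KEY_RE.finditer(rule):
            out.append((n, m.group("key"), m.group("cmd")))
    return out


def suspicious_directives(text):
    """Subset of exec_directives whose command matches the interpreter/network heuristic."""
    return [d for d in exec_directives(text) if SUSPICIOUS_CMD_RE.search(d[2])]


def audit_rule_dirs(dirs=UDEV_RULE_DIRS):
    """Walk the real rule directories and return (path, line_no, key, command) findings."""
    findings = []
    for d in dirs:
        for f in sorted(Path(d).glob("*.rules")):
            try:
                text = f.read_text(errors="replace")
            except OSError:
                continue
            for n, key, cmd in suspicious_directives(text):
                findings.append((str(f), n, key, cmd))
    return findings


# Constructed sample: a comment, an ordinary USB logging rule, a rule split over a
# continuation line that runs a shell script on a block-device event, and a helper
# import. Paths are placeholders, not real files.
SAMPLE_RULES = """\
# constructed example, not a real distribution rule file
ACTION=="add", SUBSYSTEM=="usb", ATTR{idVendor}=="abcd", RUN+="/usr/bin/logger usb-added"
ACTION=="add", KERNEL=="sda1", \\
  RUN+="/bin/sh -c /opt/constructed/example.sh"
SUBSYSTEM=="block", IMPORT{program}="/usr/lib/udev/placeholder_helper %k"
"""

if __name__ == "__main__":
    # Run against the constructed sample by default; pass --live to scan the host.
    hits = audit_rule_dirs() if "--live" in sys.argv else suspicious_directives(SAMPLE_RULES)
    for hit in hits:
        print(*hit)
```

On the constructed sample only the continued `RUN+="/bin/sh -c ..."` rule is reported (line 3 of the sample, where the rule begins). On a live host, treat each hit as a lead to verify against the owning package (for example with the distribution's package-ownership query) rather than as a verdict; a rule in `/etc/udev/rules.d` that no package owns and that runs a shell is the pattern worth escalating.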