Ezuri crypter used by Linux threat actors to avoid detection

According to an AT&T Alien Labs report, multiple malware authors are using the Ezuri crypter to make their malware harder to detect.

Tactics like this are the norm for Windows malware, but they are now being used for Linux malware as well.

Ezuri is both a crypter and a loader for ELF (Linux) binaries. It encrypts the malware code and executes the malicious payload directly in memory without writing any files to disk.

Source code for Ezuri is available on GitHub.

