Is Sophos already detecting this newly discovered backdoor? This Linux backdoor also targets Windows systems. Can anyone confirm? Thanks!
This thread was automatically locked due to age.
Hi ,
Thank you for your quick replies. We just want to make sure that once this newly discovered threat arrived on our network, we are confident that Sophos can block it.
The following details may also help in making sure that Sophos can detect the file once it arrived on our network. Here are the threat details I found in Virus Total:
MD5: 464dc38c776724b9ec931480419dcf64
SHA1: bd24972a8e34bbd2e7f3b58d6d7fd1a94efa7355
SHA256: 2b1c87e92d1f97ed3b2926a25c4cc31a2d756f6ae712052bee9d777c678c7ad2
File name: file-7105748_exe, Server.exe
Do you have a threat page which could serve as a reference that you do have detection for this newly discovered backdoor? And will this detection be applicable both in Linux and Windows machines where it was reportedly capable of infecting?
Again, thank you very much for your support. Looking forward for your response.
Regards,
Morning,
Thank you for posting information, you can find information about threats and detections on the SophosLabs website https://www.sophos.com/en-us/threat-center/threat-analyses.aspx.
This one in particular is here https://www.sophos.com/en-us/threat-center/threat-analyses/viruses-and-spyware/Linux~Dklkt-A.aspx
Thanks
Mark