Trend Micro – Security Intelligence – A Quick and Efficient Method For Locating the main() function of Linux ELF Malware Variants – CSO

In the past few years, Linux systems have been susceptible to attacks involving ransomware, cryptocurrency miners, botnets and other types of malware. The successful deployment of the said attacks refutes an old notion that machines and devices that run Linux are less likely to be affected by malware.
To come up with effective countermeasures, we constantly work on developing methods to address concerns pertaining to attacks against Linux systems, for example, by looking for ways to conduct quick and efficient analysis of malware samples that leads to their eventual detection and blocking. One of these methods involve reverse engineering files to locate the address of the main() function, which usually contains code that malware authors craft to start malicious routines.
The post A Quick and Efficient Method For Locating the main() function of Linux ELF Malware Variants appeared first on .

Read the full article