A Deep-Dive on Symbiote: A New, Nearly-Impossible-to-Detect Linux Threat

On-Demand Webinar

Summary

A few months ago, in a joint collaboration with Intezer, we discovered a new, previously undetected malware that acts in a parasitic nature and affects Linux^® operating systems. It appears to have been written to target the financial sector in Latin America. We have aptly named this malware Symbiote.

Symbiote is a highly evasive malware whose main objective is to capture credentials and to facilitate backdoor access to infected machines. Once on the host machine, it cleverly hides itself, its network traffic, and any other malware used by the threat actor. Because it operates as a userland level rootkit, detecting a Symbiote infection may be nearly impossible. What makes Symbiote different from other Linux malware is its ability to infect running processes, rather than using a standalone executable file to inflict damage. Symbiote is one of the most sophisticated Linux threats we’ve seen in recent times, but trends we’ve observed in the current threat landscape suggest it won’t be the last.

Please join our Most Distinguished Threat Researcher Dmitry Bestuzhev on this deep dive to learn more about Symbiote and how to protect your users and your network environment against it.

Speaker

Dmitry Bestuzhev
Most Distinguished Threat Researcher
BlackBerry

Register for the on-demand webinar

State

Province

By completing this form, you agree to BlackBerry processing your personal data for the purpose of contacting you about the software or service you have selected.

Are you sure you don't want to stay in touch?

If you'd like to receive communications from us, please select the box above. You can always update your preferences later from our Privacy Policy. If the box is left blank, your information will NOT be collected by BlackBerry.

Download Now

Error submitting form. Please try again later.

Products

Cybersecurity

CylanceMDR

CylanceENDPOINT

CylanceEDGE

Secure Digital Workplace

BlackBerry UEM

BlackBerry Work

BlackBerry Dynamics Platform

BlackBerry Workspaces

BBMe

Critical Event Management

BlackBerry AtHoc

Secure Communications

SecuSUITE

Secure Embedded Software

QNX Software Development Platform 8.0

QNX Accelerate

QNX Hypervisor

Certicom PKI and Key Management

Automotive

IVY

QNX Sound

QNX ADAS Platform

Transportation Tracking

BlackBerry Radar

BlackBerry Radar Asset Tracking

BlackBerry R2 and A2 Sensors

Services

Assess

Red Team / Attack Simulation

Penetration Testing

Strategic Services

Defend

Managed Detection and Response

Digital Forensics

Incident Response

Implement

Cylance Solutions

Secure Digital Workplace

QNX Professional Services

Report an Incident

Report Incident

Contact Support

Solutions

Endpoint Security

Generative AI

Managed SOC

AI-Powered Cyber Defense

VPN Alternative

Network Defense

Ransomware Protection

Secure Operational Technology

Secure Digital Workplace

Secure Anywhere Working

Mobile Productivity

Content Collaboration

BYOD

Secure Browsing

Secure Communications

Secure Voice, Messaging & Conferencing

Crisis Communications

Threat Research

Threat Center

Threat Reports

Research

Tools and IOCs

Embedded Systems

Connected Autonomous Vehicles

Robotics and Automation

Medical Devices

Commercial Vehicles

Aerospace and Defense

Rail

Transportation Tracking

Chassis and Flatbed Tracking

Intermodal Container Tracking

Trailer Tracking

Railcar Tracking and Monitoring

Equipment Tracking