Did I miss it in the article? I cannot determine what the attack vector is. Am I downloading a malicious file? Am I running an insecure publicly facing service?
This is the backdoor that’s deployed after a host is compromised. How the host is compromised is somewhat irrelevant. It could be exploited manually, social engineering, a worm, etc.
Ok, makes sense. Thanks for clarifying.
What is the recommended AV scan solution for Linux? Sounds like it’s needed these days.
Kaspersky Endpoint for businesses. This is the only competent solution that exists as a realtime AV. The fact is, most AV companies do not make AV for Linux, and most of those who do, make it just for the business and not from a competence POV. Regardless of your political stance, Kaspersky is by far the anti-malware industry king, both in terms of heuristic and blacklist protection and in terms of annual global reports.
