[Intel]: https://www.intezer.com/blog/incident-response/orbit-new-undetected-linux-threat/ #468
Labels
missing:tag:Non-persistentStorage
missing:tag:T1005
missing:tag:T1021.004
missing:tag:T1037
missing:tag:T1040
missing:tag:T1048
missing:tag:T1053.003
missing:tag:T1057
missing:tag:T1059.006
missing:tag:T1070.004
missing:tag:T1071.001
missing:tag:T1491
missing:tag:T1546.004
missing:tag:T1548.003
missing:tag:T1556.003
missing:tag:T1562.004
missing:tag:T1567
missing:tag:T1573
missing:tag:T1574.006
Area
Malware reports
Parent threat
Persistence, Defense Evasion
Finding
https://www.intezer.com/blog/incident-response/orbit-new-undetected-linux-threat/
Industry reference
uses:LD_PRELOAD
attack:T1574.006:Dynamic Linker Hijacking
attack:T1548.001:Setuid and Setgid
attack:T1556.003:Pluggable Authentication Modules
attack:T1027:Obfuscated Files or Information
attack:T1082:System Information Discovery
attack:T1562.001:Disable or Modify Tools
attack:T1003.007:Proc Filesystem
attack:T1563.001:SSH Hijacking
uses:PortHiding
uses:Non-persistentStorage
Malware reference
OrBit
/malware/binaries/OrBit
Actor reference
No response
Component
Linux
Scenario
No response