21 min listen
New developments in the WSL attack. [Research Saturday]
FromCyberWire Daily
ratings:
Length:
22 minutes
Released:
Jun 11, 2022
Format:
Podcast episode
Description
Danny Adamitis from Lumen's Black Lotus Labs, joins Dave to discuss new developments in the WSL attack surface. Since September 2021, Black Lotus Labs have been monitoring malware repositories as a part of their proactive threat hunting process. Danny shares how researchers discovered a series of suspicious ELF files compiled for Debian Linux .
The research states how the team identified a series of samples that target the WSL environment, were uploaded every two to three weeks and that they started as early as May 3, 2021 and go until August 22, 20221.
The research can be found here:
Windows Subsystem For Linux (WSL): Threats Still Lurk Below The (Sub)Surface
No Longer Just Theory: Black Lotus Labs Uncovers Linux Executables Deployed As Stealth Windows Loaders
The research states how the team identified a series of samples that target the WSL environment, were uploaded every two to three weeks and that they started as early as May 3, 2021 and go until August 22, 20221.
The research can be found here:
Windows Subsystem For Linux (WSL): Threats Still Lurk Below The (Sub)Surface
No Longer Just Theory: Black Lotus Labs Uncovers Linux Executables Deployed As Stealth Windows Loaders
Released:
Jun 11, 2022
Format:
Podcast episode
More Episodes from CyberWire Daily
Encore: Welcome to New York, it's been waitin' for you. [Research Saturday] by CyberWire Daily