Member-only story
In this blog, we delve into a compromise assessment of a Linux server targeted by an APT group, uncovering various attack tactics and indicators of compromise. Through investigation, we identify backdoor accounts, persistence mechanisms such as cronjobs, hidden processes, and suspicious services. Using commands like ps aux, grep, and dpkg, we expose how the attacker maintained access and what malicious packages were installed.
Curious to see the detailed breakdown and walkthrough? Watch our full video to follow along with each step of this analysis! Don’t forget to subscribe and stay informed.
