Security researchers have discovered that a notorious threat group has upgraded its arsenal with a new tool that enables its malware to avoid detection on Linux.
Researchers at AT&T’s Alien Labs report that the TeamTNT cybercrime group, known for breaking into popular cloud instances to mine cryptocurrency, is now using a detection-evasion tool based on the open-source libprocesshider library.
The libprocesshider library describes itself as a means to “hide a process under Linux.”