Saturday, 3 October 2015

Euro Truck Simulator 2 v1.20.1s Crack And All DLC’s Is Here![Latest][Exclusive]


Euro Truck Simulator 2
Travel across Europe as king of the road, a trucker who delivers important cargo across impressive distances! With dozens of cities to explore from the UK, Belgium, Germany, Italy, the Netherlands, Poland, and many more, your endurance, skill and speed will all be pushed to their limits. If you’ve got what it takes to be part of an elite trucking force, get behind the wheel and prove it!
Transport a vast variety of cargo across more than 60 European cities. Build your own fleet of trucks, buy garages, hire drivers, manage your company for maximum profits. Customize your vehicles with optional lights, bars, horns, beacons, smoke exhausts, and more.
Features
  • Transport a vast variety of cargo across more than 60 European cities.
  • Run your own business which continues to grow even as you complete your freight deliveries.
  • Build your own fleet of trucks, buy garages, hire drivers, manage your company for maximum profits.
  • A wide range of truck tuning options, from performance to cosmetic changes.
  • Customize your vehicles with optional lights, bars, horns, beacons, smoke exhausts, and more.
  • Thousands of miles of real road networks with hundreds of famous landmarks and structures.
How To Install?
  • Download and mount the ISO image
  • Follow the instructions and install the game
  • Done!
System Requirements
MINIMUM:
OS: Windows XP
Processor: Dual core CPU 2.4 GHz
Memory: 2 GB RAM
Graphics: GeForce 7600 GT-class equivalent
DirectX®: 9.0c
Hard Drive: 4 GB HD space
Sound: DirectX compatible
RECOMMENDED:
OS: Windows 7 64-bit
Processor: Quad core CPU 3.0 GHz
Memory: 4 GB RAM
Graphics: GeForce GTS 450-class
DirectX®: 10
Hard Drive: 10 GB HD space
Sound: DirectX compatible
Screenshots

Downloads
Euro Truck Simulator 2 | Mirror 1 | Mirror 2
Crack Only | Mirror 1 | Mirror 2
Older Version
v1.19.2.1s & 1.20.0.2s
Euro Truck Simulator 2 1.20.0.2s (beta) (1.6 GB) | Mirror | Mirror 2 (1.20.0.2s)
Euro Truck Simulator 2 v1.19.2.1s inc Setup, DLC and Crack (1.6 GB) | Mirror (1.19.2.1s)
All DLC Only | Mirror (1.19.2.1 Only) (Individual)
Crack Only | Mirror (1.19.2.1s) (12.1 MB)

Friday, 2 October 2015

ClashBot 7.5.923 VIP Version

ClashBot VIP Version
ClashBot uses the BlueStacks Android emulator to play Clash of Clans right from your computer. Utilizing advanced image recognition algorithms we are able to detect Clash of Clans objects and apply specific algorithms and methods to each task that needs to be completed. The end result is a beautiful Clash of Clans bot that has dozens of customization options.

Easy To Use

We know Clash of Clans botting might be a first for many people, which is why we made the interface extremely simple to use and configure. Not only is our help documentation extremely detailed, but we also have an enormous community of incredible individuals who are willing to help you with any problems you may have. The ClashBot community is like a second family.

No Hacks or Jailbreaks Required

ClashBot allows you to bot Clash of Clans on your computer using BlueStacks, meaning there is no reason to modify your mobile device using sketchy roots or jailbreaks. ClashBot uses this system to make sure that you’re always online and will never have to worry about being raided again!

You Choose How You Bot

Everyone has different needs and is at a different stage in their Clash of Clans career. This means settings should be custom-tailored to each individual user. Our features allow you to choose which troops to automatically train, which troops to automatically request and donate, which search settings to automatically search with, and which bases you wish to automatically attack and with what attack method, and much more!
Premium Info:
  • FULL access to 2 Bots
  • Access to All Free Features
  • Amazing Automatic Wall Upgrading
  • Amazing Automatic Building Upgrading
  • Flawless Townhall Sniping
  • Amazing Dark Elixir Lightning Sniping
  • Amazing Troop Deployment on Red Line
  • Convenient Bot Status Phone Notifications
How to Run:
  • Download ClashBot
  • Run ‘Exclusive_CB_Loader_0.13.exe’ as an Administrator
  • Press ‘Start’
  • Run ClashBot and ensure injector status is green
  • Log in with any credentials [Example - Username: Rex - Password: Rex]
  • DON’T CLOSE THE INJECTOR
Screenshot:

Download:
  • ClashBot
  • Status : Tested (Windows 7 64bit)

Thursday, 1 October 2015

Asphalt 8 Airborne 2.1.0l Mega MOD APK+DATA Android Download

Asphalt 8 Airborne
The best Android arcade racing game series reaches a new turning point! Perform dynamic, high-speed aerial stunts in an intense driving experience powered by a brand-new physics engine. Credits to Roushik, Stewe & acer-a500.
FEATURES LIST
LUXURY DREAM CARS
  • 47 high-performance cars (80% of them NEW!).
  • Top licensed manufacturers and models such as the Lamborghini Veneno, Bugatti Veyron, Ferrari FXX and Pagani Zonda R.
  • Newly recorded high-fidelity car engine sounds for realistic audio immersion.
GET AIRBORNE
  • Hit the ramps and take the race above the track.
  • Perform barrel rolls and wild 360º jumps.
  • Maneuver through the air and pull off stunts while racing.
BRAND-NEW EXOTIC LOCATIONS
  • Race in 9 different settings, such as Venice, French Guiana, Iceland, the Nevada Desert and other exciting locations!
  • All tracks available in original and mirror variations in Career mode.
  • Discover plenty of hidden shortcuts.
NEW FEATURES FOR SPEED FANS IN Asphalt 8 Airborne Mod
  • 8 seasons & 180 events in Career mode.
  • Stunning visuals thanks to next-gen shaders, real-time geometry reflection & other amazing effects for a brand-new simulation of speed!
  • A detailed damage system like nothing you have seen before.
  • Check out the brand-new Infected and Drift Gate game modes.
SIMULTANEOUS MULTIPLAYER & GHOST CHALLENGES
  • Simultaneous multiplayer action for up to 8 real opponents!
  • Dare friends to asynchronous races in your favorite cars.
  • Compare scores on the new leaderboards with friends and drivers all over the world.
  • Share your racing achievements and prove that you’re the ultimate speed machine.
MUSIC TO REV YOUR HEART
  • A heart-thumping mix of amazing licensed music for your game.
  • Featuring real tracks from Bloc Party, Mutemath & The Crystal Method!
  • A game for fans of extreme arcade racing, with real dream cars and extraordinary graphics that will also please racing simulation enthusiasts.
  • Asphalt 8: Airborne is now MOGA Enhanced! Available at major retailers, carrier stores and online on the MOGAanywhere website.
What’s New?
Summer’s over, but the latest Asphalt 8 update will help you keep the heat going a little longer!
  • LAMBORGHINI HURACÁN R&D: Test-drive the Lamborghini Huracán and complete each stage of upgrades to make this motorized marvel yours!
  • 6 NEW CARS: The Lamborghini Huracán, Bentley EXP10 Speed 6 and four other super sports cars will be progressively released!
  • CAR MASTERY EVENTS & REWARDS: We added more than 100 brand-new Car Mastery events! Take ’em on to earn exclusive Cars & Decals!
Mega MOD 1 Info
  • Unlimited Tokens
  • Unlimited Credits
  • Unlimited Stars
  • Free Car Enhancing
  • Level Capped
  • Booster Time Multiplier
  • Can Play Most Races
  • Anti-Ban Patched (Untested)
Mega MOD 2 Info
  • Infinite credits
  • Infinite tokens
  • Max level
  • Max stars
  • Currency exploit (buy anything with credits)
  • Booster time multiplier
  • Infinite nitro
  • AIs cannot use nitro
  • Anti-ban (single player)
  • Unlock all races
How to Install & Play?
  1. Download the given apk & data files
  2. Mega MOD 1 data can also be downloaded through the APK file using wifi or net
  3. For single link data file, just download data from any link and extract it
  4. Paste the extracted data to the internal memory card of the phone, e.g. sdcard/android/obb
  5. Now install the apk and play the game
  6. That’s it, enjoy! :)
Screenshots

Important!
  • Android 2.3 and up is required
Downloads
Asphalt 8 Airborne 2.1.0l Mega MOD 1 APK [35.55 MB] | Mirrors
Asphalt 8 Airborne 2.1.0l Mega MOD 2 (OPENGL 2.0) APK [40.35 MB] | Mirrors
Asphalt 8 Airborne 2.1.0l Mega MOD 2 (OPENGL 3.0) APK [30.06 MB] | Mirrors
Asphalt 8 Airborne 2.1.0l Mega MOD 1 DATA [1.4 GB] | Mirrors
Asphalt 8 Airborne 2.1.0l Mega MOD 2 (OPENGL 2.0) DATA [1.42 GB] | Mirrors
Asphalt 8 Airborne 2.1.0l Mega MOD 2 (OPENGL 3.0) DATA [1.54 GB] | Mirrors

Tuesday, 29 September 2015

How to centre-align the sharing-icons from AddThis in Blogger

This article shows how to get and then centre-align the row of sharing items that you can get from AddThis (and it's likely that a similar technique applies to sharing buttons from other services like ShareThis, too).

If you think that Blogger's own social sharing buttons are just a bit too small and difficult to position, then you may decide to use a service like AddThis to generate buttons that are more elegant all round.

Signing up with AddThis is easy: just log in to your Blogger account, and in a separate tab open up AddThis.com. Choose Create Account, and then Continue with Google. This links your Google account and your AddThis account, and is the easiest approach - but there are other options too, like creating your account with your Facebook or Twitter accounts, or even just signing up the old fashioned way with your email address.

Once you have signed up and chosen a plan (personally I just use the free "Basic" plan), you need to actually install the AddThis buttons on your site. To do this:
  • Select one or more sets of sharing buttons (from the options available to your account type),
  • Choose the settings which apply to that set of buttons
  • Choose Activate (button in the bottom right corner of the setting screen), and
  • Install the code that AddThis gave you into your blog.

Installing the code that AddThis gave you is pretty much like installing any other piece of code. Typically the code you have to install has two parts:

For the piece that says:
Step 1: Add the following code to the <body> of your website.
Search for "<body" (note: no closing angle bracket, because some templates have extra attributes in there), and then put the code from AddThis after the closing angle bracket of that <body tag.

For the piece that says:
Step 2: Paste this code into whichever page you would like this tool to show up.
Find the location in your template where you would like the gadget (e.g. an HTML gadget, or inside the post statement itself - read more about the options), and copy and paste the relevant code from AddThis.

But it's not in the right place.

If you install the code as is from AddThis, you will find that the row of sharing buttons is pretty tightly linked up with the rest of the page, and left-aligned. Fortunately this is easy to change.


How to centre (or right align) rows of buttons from AddThis

To put the set of sharing buttons from AddThis in the middle of the page, you need to surround the 2nd piece of code from AddThis with another div element, the outer div shown below:
<div style = 'width:100%; text-align: center; margin-bottom:3em; margin-top:2em;'><!-- Go to www.addthis.com/dashboard to customize your tools -->
<div class="addthis_sharing_toolbox"></div>
</div>
The exact details to use depend on how exactly you want to set up your sharing bar from AddThis. I wanted it to be centre-aligned on one of my sites, with some extra white space above and below, so I used these style properties:

  • width:100% - says to use the full page width when deciding where to put the sharing bar (by default, it would just use the width of the sharing bar itself)
  • text-align: center - means that the bar will be put in the middle
  • margin-bottom and margin-top - put some extra space above and below the gadget, so it stands out more.


But you may use a different approach, depending on what your blog is trying to achieve.

What your readers see

Visitors using a web browser

Will see your AddThis buttons, as you defined them

Readers who subscribe to your blog's RSS feed

Will not see your blog's AddThis sharing buttons, unless they happen to click through from their feed-reader to your blog.

Readers who follow-by-email 

Will not see your standard social sharing buttons at all, unless they visit your site. (AddThis does have some email newsletter buttons, but these don't automatically go into emails generated from Blogger).


Is it worth it?

For what it's worth, I recently made the change from custom sharing buttons that I'd made myself to classier looking ones from AddThis, and saw quite a jump (50% or more) in the number of social shares, across all my sites.

YMMV, of course.

Related Articles

Installing 3rd party code into Blogger

Using Div statements to control layout

Friday, 25 September 2015

Notes on Linux/Xor.DDoS

In this post we'll be focusing on a certain kind of malware: Linux/Xor.DDoS (also known as DDoS.XOR or Xorddos). As usual, we'll break the post down into several points:

Background
Diagnosis
Analysis
Disinfection
Prevention
Conclusion

The variant discussed in this blog post is an older one, so certain infection mechanisms may have changed, as well as the C&Cs. The point of this post is to help you become familiar with ELF malware: how to diagnose, analyse, remove and finally prevent malware from infecting your Linux machines. A lot of malware is going around, and it's not (all) exclusive to Windows machines.

Background
You may have heard about Linux/Xor.DDoS already, a Linux Trojan with rootkit capabilities (belonging to the category of 'ELF malware'). What exactly is an ELF file? According to Wikipedia:

In computing, the Executable and Linkable Format (ELF, formerly called Extensible Linking Format) is a common standard file format for executables, object code, shared libraries, and core dumps.
Source
In other words: ELF is to Linux as PE (.exe, .com, .scr, ...) is to Windows and Mach-O to OS X.

There's a nice mini poster available by Corkami as well:

(Source)

More information about the ELF format can also be found at the Resources section.

If you haven't heard about Linux/Xor.DDoS itself already, be sure to read the initial post by MalwareMustDie uncovering this malware:
Fuzzy reversing a new China ELF "Linux/XOR.DDoS"

In short: Xor.DDoS is a multi-platform, polymorphic malware for Linux OS and its ultimate goal is to DDoS other machines. The name Xor.DDoS stems from the heavy usage of XOR encryption in both malware and network communication to the C&Cs (command and control servers).

There have been other write-ups about this malware as well, which will be mentioned throughout this article or referenced in the Resources section.

Diagnosis
How do you know you're infected with Xor.DDoS?

First and foremost (and obviously), you'll be conducting DDoS attacks from your machine(s) to targets chosen by the malware authors.

Sending of large SYN packets (Source)

You may use netstat to print any current network/internet connections. Use tcpdump to get a more detailed analysis of which packets you are sending out.

Secondly, another indication is seeing processes running with random names and new executable files suddenly created in /etc/init.d/ or /usr/bin/ (see example below). New entries will also be added to your crontab (/etc/crontab).

Malware running and its related files

You may use any command based on top or on ps to check for running malicious processes. We will see more in the Disinfection part of this blog post.

Thirdly, if you are running the standard OpenSSH server, you may see an unauthorised but successful login followed immediately by a logout.
(Source)

These symptoms should be very clear, even more so if you've already implemented several measures to protect yourself from potential intruders. If not, then it'll be harder to track down the origin of the infection as well (but more often than not the SSH credentials of the root user have been brute forced).

To ensure your machines will not get pwned, be sure to read the Prevention part of this blog post.



Analysis
First off, we have to identify how the malware entered the system. Usually, a weak root password is used (like admin or 123456; see here for a list of tried passwords. Note: huge .txt file!) or the attackers brute force their way in (brute forcing the SSH credentials of the root user). Another, but less common, possibility is the exploitation of a vulnerable service that you have running (Apache, for example).

This figure is an excellent visual representation of how it all happens:

(Source)

This variant copies itself over to /lib/libgcc.so, then creates a copy in /etc/init.d and a symbolic link in /usr/bin. Afterwards a new cron script is created and added to the crontab.

We will now take a look at one of the samples created - named bmtsfnlgxu.
(SHA1: b34b6f0ec42a0153c043b0665ec47bf6e5aac894)

Easiest way on Linux is to just use the "file" command:

We can see it's an ELF 32-bit executable for i386 - and it's not stripped.

Why is that last part important? strip allows you to remove symbols and sections from chosen files, which in turn makes it harder to reverse engineer (disassemble) as well. In this case, the file doesn't seem to be stripped, great! For example, we can see the source file names and get an idea of what this malware does:
(this will also be shown later on in the video below, using IDA)

Moving on, we will start by using readelf for some further investigation of the file. We know, thanks to the file command, that it's an ELF 32-bit executable for i386. Using readelf with parameter -h we will be able to gather more information:

This gives us more information already, for example: the magic (7F 45 4C 46 for ELF files, 4D 5A for MZ files), 2's complement, little endian, the exact type of the file (an executable; other types of ELF file may be a relocatable file, a shared object, a core file or processor-specific), but most importantly here the Entry point address, or the start of the program.
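As an added example (not code from the original post), the following Python script reproduces the part of readelf -h discussed above: it checks the magic, reads the class and data encoding from e_ident, and unpacks the header fields up to the entry point for both ELF32 and ELF64 headers in either byte order. The header bytes returned by build_sample_header() are constructed here for illustration (the entry address 0x08048134 and the offsets are made up and are not values taken from the bmtsfnlgxu sample); pass a real file path on the command line to parse its first 64 bytes instead.

```python
import struct

ELF_MAGIC = b"\x7fELF"          # 7F 45 4C 46, as shown in the readelf -h output
EI_CLASS, EI_DATA = 4, 5        # offsets of the class and data-encoding bytes inside e_ident[16]

CLASS_NAMES = {1: "ELF32", 2: "ELF64"}
DATA_NAMES = {1: "2's complement, little endian", 2: "2's complement, big endian"}
TYPE_NAMES = {1: "REL (Relocatable file)", 2: "EXEC (Executable file)",
              3: "DYN (Shared object file)", 4: "CORE (Core file)"}
MACHINE_NAMES = {3: "Intel 80386", 40: "ARM", 62: "Advanced Micro Devices X86-64",
                 183: "AArch64"}


def is_elf(data: bytes) -> bool:
    """True when the blob starts with the ELF magic (a PE file starts with MZ instead)."""
    return data[:4] == ELF_MAGIC


def parse_elf_header(data: bytes) -> dict:
    """Decode the ELF file header, choosing field widths and byte order from e_ident."""
    if not is_elf(data):
        raise ValueError("not an ELF file: bad magic %r" % data[:4])
    ei_class, ei_data = data[EI_CLASS], data[EI_DATA]
    if ei_class not in CLASS_NAMES or ei_data not in DATA_NAMES:
        raise ValueError("unknown ELF class %d / data encoding %d" % (ei_class, ei_data))
    endian = "<" if ei_data == 1 else ">"
    # Field order after e_ident: e_type, e_machine, e_version, e_entry, e_phoff, e_shoff,
    # e_flags, e_ehsize, e_phentsize, e_phnum, e_shentsize, e_shnum, e_shstrndx.
    # ELF64 widens e_entry/e_phoff/e_shoff to 8 bytes, everything else keeps its size.
    layout = "HHIIIIIHHHHHH" if ei_class == 1 else "HHIQQQIHHHHHH"
    fmt = endian + layout
    needed = 16 + struct.calcsize(fmt)
    if len(data) < needed:
        raise ValueError("truncated ELF header: need %d bytes, got %d" % (needed, len(data)))
    (e_type, e_machine, _e_version, e_entry, e_phoff, e_shoff, _e_flags,
     e_ehsize, _e_phentsize, e_phnum, _e_shentsize, e_shnum,
     e_shstrndx) = struct.unpack(fmt, data[16:needed])
    return {
        "magic": data[:4].hex(),
        "class": CLASS_NAMES[ei_class],
        "data": DATA_NAMES[ei_data],
        "type": TYPE_NAMES.get(e_type, "unknown (0x%x)" % e_type),
        "machine": MACHINE_NAMES.get(e_machine, "unknown (0x%x)" % e_machine),
        "entry": e_entry,
        "phoff": e_phoff,
        "shoff": e_shoff,
        "ehsize": e_ehsize,
        "phnum": e_phnum,
        "shnum": e_shnum,
        "shstrndx": e_shstrndx,
    }


def build_sample_header() -> bytes:
    """Constructed ELF32 LSB EXEC header for i386; illustrative values, not from the real sample."""
    # class=ELF32, data=LSB, version=1, OS/ABI=System V, ABI version 0, then 7 padding bytes
    e_ident = ELF_MAGIC + bytes([1, 1, 1, 0, 0]) + b"\x00" * 7
    return e_ident + struct.pack("<HHIIIIIHHHHHH",
                                 2,           # e_type: EXEC
                                 3,           # e_machine: Intel 80386
                                 1,           # e_version
                                 0x08048134,  # e_entry (constructed value)
                                 52,          # e_phoff: program headers directly after the 52-byte header
                                 0x1000,      # e_shoff (constructed value)
                                 0,           # e_flags
                                 52, 32, 7,   # e_ehsize, e_phentsize, e_phnum
                                 40, 30, 27)  # e_shentsize, e_shnum, e_shstrndx


def describe(header: dict) -> str:
    """Render the parsed header in the style of readelf -h."""
    return "\n".join([
        "ELF Header:",
        "  Magic:   %s" % header["magic"],
        "  Class:   %s" % header["class"],
        "  Data:    %s" % header["data"],
        "  Type:    %s" % header["type"],
        "  Machine: %s" % header["machine"],
        "  Entry point address: 0x%x" % header["entry"],
    ])


if __name__ == "__main__":
    import sys
    if len(sys.argv) > 1:
        with open(sys.argv[1], "rb") as fh:
            blob = fh.read(64)
    else:
        blob = build_sample_header()
    print(describe(parse_elf_header(blob)))
```

The magic check is the cheap first triage step: a blob that starts with MZ, or with anything other than 7F 45 4C 46, is rejected before any field is unpacked, and a header shorter than the class-dependent size raises instead of silently reading garbage.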

In regards to readelf, using parameter -a we can dump a ton of information, you can find the output of this command on our malware on Pastebin: Xor.DDoS - "readelf -a" output

Note that VirusTotal has added (since November 2014) detailed ELF information in reports as well, which is more or less similar to readelf's output.

To disassemble the file, we can use objdump which allows us to disassemble only those sections which are expected to contain instructions (-d parameter) or to disassemble the contents of all sections (-D parameter).


However, to dive a bit deeper into the malware code, we will be using IDA, a multi-processor disassembler and debugger, and Radare, a well-known (portable) reversing framework. Note that it will still be a quick glance, as MalwareMustDie has already reported extensively about it as well [1][2][3][4]. Note also that it's always a good idea to analyse malware in a virtual environment (VM).

We will be using both tools on Windows, but you can just as easily run them on Linux or Mac.

I've made an instruction video on how to use IDA Pro Free to take a quick peek into the file discussed:

Download IDA Pro Free for Windows from here. If you're interested in working more with IDA, there's a handy list of IDA plugins available here.

... And just the same for Radare, where we will discover a bit more - namely the C&C of the malware:

Download radare2 for Windows from here. More documentation about Radare can be found here. There's also a handy cheat sheet available here.

Note that the Xor.DDoS variant discussed in this blog uses two XOR keys for its (network) communication, which are the following:

  • BB2FA36AAA9541F0
  • ECB6D3479AC3823F
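As an added example, not part of the original post nor of MalwareMustDie's analysis, the Python below shows how the two keys listed above can be tried against encrypted strings pulled out of a sample. It assumes a plain repeating-key XOR over the ASCII bytes of the key (that is an assumption of this example; the post does not spell out the exact scheme), and, since the key stream would restart at the beginning of every encrypted string, the buffer scanner tries every key phase. The test blobs are constructed inline from the wangzongfacai.com and dsaj2a1.org domain names mentioned later in the post, so nothing from a real sample is needed to run it.

```python
# The two keys listed above, as ASCII bytes.
XOR_KEYS = [b"BB2FA36AAA9541F0", b"ECB6D3479AC3823F"]


def xor_with_key(data: bytes, key: bytes) -> bytes:
    """Repeating-key XOR; the same call both encrypts and decrypts."""
    if not key:
        raise ValueError("empty key")
    return bytes(b ^ key[i % len(key)] for i, b in enumerate(data))


def looks_like_text(data: bytes) -> bool:
    """Heuristic used to tell a correct key from a wrong one: only printable ASCII or whitespace."""
    return bool(data) and all(0x20 <= b <= 0x7E or b in (0x09, 0x0A, 0x0D) for b in data)


def guess_key(blob: bytes, keys=XOR_KEYS):
    """Return the first key whose XOR output reads as text, or None if neither fits."""
    for key in keys:
        if looks_like_text(xor_with_key(blob, key)):
            return key
    return None


def decode_strings(blobs, keys=XOR_KEYS):
    """Decode each blob with whichever known key fits; blobs no key fits come back as None."""
    out = []
    for blob in blobs:
        key = guess_key(blob, keys)
        out.append(xor_with_key(blob, key).decode("ascii") if key else None)
    return out


def find_xored_strings(buf: bytes, keys=XOR_KEYS, min_len=8):
    """Scan a raw buffer for runs that decode to printable text under any key and key phase.

    Every phase of the key is tried because each encrypted string is assumed to start at key
    byte 0 while sitting at an arbitrary offset in the buffer. Zero padding around a string
    decodes to key bytes (which are printable here), so hits are returned as whole runs and
    callers should look for the string they expect inside a run rather than for an exact match.
    """
    found = set()
    for key in keys:
        for phase in range(len(key)):
            rotated = key[phase:] + key[:phase]
            plain = xor_with_key(buf, rotated)
            run = bytearray()
            for b in plain:
                if 0x20 <= b <= 0x7E:
                    run.append(b)
                    continue
                if len(run) >= min_len:
                    found.add(bytes(run).decode("ascii"))
                run = bytearray()
            if len(run) >= min_len:
                found.add(bytes(run).decode("ascii"))
    return found


# Constructed test data (not bytes from the sample): one domain per key, plus a padded buffer.
SAMPLE_BLOBS = [
    xor_with_key(b"wangzongfacai.com", XOR_KEYS[0]),
    xor_with_key(b"dsaj2a1.org", XOR_KEYS[1]),
]
SAMPLE_BUFFER = b"\x00" * 3 + SAMPLE_BLOBS[0] + b"\x00" * 5 + SAMPLE_BLOBS[1]


if __name__ == "__main__":
    for blob, text in zip(SAMPLE_BLOBS, decode_strings(SAMPLE_BLOBS)):
        print(blob.hex(), "->", text)
    for run in sorted(find_xored_strings(SAMPLE_BUFFER)):
        print("run:", run)
```

guess_key only needs a wrong key to produce one non-printable byte to reject it, which is why the printable-ASCII heuristic is enough for short configuration strings; for binary payloads you would swap looks_like_text for a check suited to the expected format.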


If you like GUIs, then I have another useful utility: ELFparser. It will perform a scoring based on several factors, such as shell commands, HTTP functionality and process manipulation. For example, for our file:

You can see it's scored pretty highly. I wonder what it has to say about the hardcoded IP addresses...:

You can also see 8.8.8.8, Google's DNS server, likely used to resolve the C&C domains

Great, it was able to extract our C&C servers:
103.25.9.228 - VirusTotal - IPvoid - DomainTools (whois)
103.25.9.229 - VirusTotal - IPvoid - DomainTools (whois)

Using ELFparser you can also look at the ELF header and sections, as well as all of its capabilities, like Information Gathering and Network Functions for example. It's a handy second-opinion tool.

Finally, one last tool which should not be missed when analysing ELF files: a sandbox. We will be using detux, a multiplatform Linux sandbox.

Connections to wangzongfacai.com and dsaj2a1.org

You have Network Analysis (IPs connected and DNS queries) and Static Analysis (Elf Info and Strings). In our example we have connections to wangzongfacai.com, not an unfamiliar domain. View the complete report made by Detux on our file here.

It's worth noting that several months ago, I already sent a file to Detux (and VirusTotal) which yielded similar results:

3000uc.com, another familiar player - and again dsaj2aX

Detux report of that file here. When I sent the latter file to VirusTotal several months ago, it only had 12 detections; after re-submitting it had 19 detections. That's better, but we're still not there.
Just a visual representation of the detection difference. Read this for info.

You may find an overview of all gathered files, as well as the most common/recurring domains and the IPs they connect to/download from, here, available via AlienVault's OTX.

That's it for our Analysis section, let's move on to Disinfection.

Disinfection
Most importantly, you'd of course like to remove/disinfect this malware completely. Some pointers:

  • Identify malicious processes: run ps -ef (ps stands for process status) to see which processes are running. Alternatively, you can use top, or again ps with other parameters, for example ps -ej or ps aux for a more complete, human-readable table. Look for processes with random names; in our example the name started with S90 followed by random letters, and it was linked to files with completely random names, as with our example malware named bmtsfnlgxu.

    Once you've identified the malicious process(es), you can use the following command to find related files as well: for pid in $(ps -C <name> -o pid=); do ls -la /proc/$pid/fd; done
    where <name> is the name of the suspicious process. This command will display any open, related files. For example, for bmtsfnlgxu it would be:
    for pid in $(ps -C bmtsfnlgxu -o pid=); do ls -la /proc/$pid/fd; done


  • Identify malicious files: look for newly created files in /etc/init.d/, /boot/ and /usr/bin/. Again, look for files with random names. You may also use the command ls -lat | head to view recently changed files.

    Check your crontab (/etc/crontab). Delete the malicious cron jobs, more specifically the cron.hourly jobs; in the case of Xor.DDoS they will be the following:

    */3 * * * * root /etc/cron.hourly/cron.sh
    */3 * * * * root /etc/cron.hourly/udev.sh

    Delete these two lines from your crontab. Don't forget to save. Delete the related files, located in /etc/cron.hourly. In our case, their content was as follows:

    cron.sh (contents shown as a screenshot in the original post)
    udev.sh (contents shown as a screenshot in the original post)

As said earlier, delete these files manually, as well as the file(s) mentioned in the scripts. (in this case: /lib/libgcc.so.bak, /lib/libgcc.so and /lib/libgcc4.4.so.) Note that these files are not related to GCC's runtime library and thus can be safely deleted. It's just another way how the malware tries to hide itself.

Also double-check there are no malicious files or scripts in /etc/rc.d. If so, remove them as well.


  • Stop and kill malicious processes: identify the parent process; usually it will be the one consuming the most CPU (which you can verify using any of the earlier commands, top being the easiest). Firstly, be sure to stop the parent process and wait for the child processes to die. Use the command: kill -STOP $pid

    When the child processes are dead, kill the parent by using: kill -9 $pid
    Note: in case you see any other malicious processes, go through the last 2 commands again.

  • Delete any leftover malicious files: locations where the malware may reside have been indicated before, but to be complete:

    / (root directory, in rare cases)
    /bin/
    /boot/
    /etc/init.d/
    /etc/rc.d
    /etc/rcX.d (where X is a number)
    /lib/
    /lib/udev/
    /sbin/
    /tmp/
    /usr/bin/

That's it. Some additional tips and tricks: 
  • Use rm -rf to permanently remove a file. Be careful with this command.
  • Having trouble removing a file? Are you root? If not, try killing the process or deleting the file as root by prepending sudo to your command. For example: sudo kill -STOP $pid
  • Malicious process keeps coming back? Go over the steps again, but this time note down where the malware resides. Make that directory and its files unmodifiable by making use of the chattr command. For example, malware is being recreated in /usr/bin/. Use the command: chattr -R +i /usr/bin/ Then, stop the parent, wait for the children to die and kill the parent. Remove the files. Don't forget to use chattr again after you cleaned the infection. (in our example: chattr -R -i /usr/bin/)

    It's also possible the malware is temporarily storing files into /tmp/ while you are trying to kill its processes. When that happens, use the same chattr command on the /tmp/ directory and start over. If you are in doubt, use that chattr command on all aforementioned directories and start over. Very important: do not forget to use chattr -R -i on them afterwards!
  • In rare cases, the attacker may still be connected to your box. If possible, cut the internet connection and go over the disinfection steps. If this is not possible, firstly stop SSH by entering the command:
    sudo /etc/init.d/ssh stop

    Then, use iptables to drop any connection to the IPs the malware is connecting to (use netstat for example, see also Diagnosis) and to drop any connection from the attacker or cybercriminal. How to do this:

    In our example, we learned that our C&C's were 103.25.9.228 and 103.25.9.229. Thus, type or copy/paste these 2 commands:
    iptables -A OUTPUT -d 103.25.9.228 -j DROP
    iptables -A OUTPUT -d 103.25.9.229 -j DROP


    To block connection(s) from the attacker (you can find the attacker's IP using netstat for example):
    iptables -A INPUT -s $attackerIP -j DROP

    Don't forget to save your freshly created iptables rules by using the command
    /etc/init.d/iptables save

    Afterwards, change all passwords. (SSH, your user, root)
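As an added example (not code from the original post), the crontab check and the netstat-to-iptables step above written as two read-only shell helpers over constructed sample input: the process name and the two C&C addresses are the ones named in this post, while the PIDs, local addresses and ports in the sample are made up.

```shell
#!/bin/sh
# Added example, not code from the original post: two read-only review
# helpers for the crontab and netstat/iptables steps described above.
# Neither one kills anything or changes firewall rules; they print findings.

# Constructed sample crontab: the normal run-parts entry plus the two
# Xor.DDoS lines quoted in the post.
SAMPLE_CRONTAB='SHELL=/bin/sh
17 *    * * *   root    cd / && run-parts --report /etc/cron.hourly
*/3 * * * * root /etc/cron.hourly/cron.sh
*/3 * * * * root /etc/cron.hourly/udev.sh'

# Reads a crontab on stdin and prints lines that call a single script inside
# /etc/cron.hourly on a */N schedule. A sane crontab hands that directory to
# run-parts once an hour, so a direct every-few-minutes call into it is the
# persistence pattern shown above.
suspicious_cron_lines() {
    grep -E '^\*/[0-9]+[[:space:]]+(\*[[:space:]]+){4}[^[:space:]]+[[:space:]]+/etc/cron\.hourly/'
}

# Constructed sample of `netstat -antp` output. PIDs, local addresses and the
# remote port are made up; the two C&C addresses are the ones named in the post.
SAMPLE_NETSTAT='Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      512/sshd
tcp        0      0 10.0.0.5:22             198.51.100.7:51234      ESTABLISHED 1337/sshd
tcp        0      0 10.0.0.5:43210          103.25.9.228:10991      ESTABLISHED 2417/bmtsfnlgxu
tcp        0      0 10.0.0.5:43211          103.25.9.229:10991      ESTABLISHED 2417/bmtsfnlgxu'

# Reads netstat -antp output on stdin and, for the process name in $1, prints
# one OUTPUT DROP rule per distinct remote peer it has an ESTABLISHED
# connection to. Review the list, then paste the rules as root.
cc_drop_rules() {
    awk -v name="$1" '
        $6 == "ESTABLISHED" && $NF ~ ("/" name "$") {
            split($5, peer, ":")          # strip the remote port
            if (!(peer[1] in seen)) {
                seen[peer[1]] = 1
                print "iptables -A OUTPUT -d " peer[1] " -j DROP"
            }
        }'
}

# Demo on the constructed samples; on a real box feed it /etc/crontab and a
# fresh `netstat -antp` capture instead.
printf '%s\n' "$SAMPLE_CRONTAB" | suspicious_cron_lines
printf '%s\n' "$SAMPLE_NETSTAT" | cc_drop_rules bmtsfnlgxu
```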

Best case scenario here is obviously:

  • restoring from a backup 
  • if the machine is virtual, restore to a previous snapshot
When you have either of these available, don't forget to change all passwords afterwards to prevent re-infection - and patch your machine(s)!

Some Xor.DDoS variants may also incorporate a rootkit. In that case, hope you have a "best case scenario" available to you. Once a box is fully compromised, it may be hard to reinstate it back to normal or its original state.

For double-checking for rootkits and other malware, you may want to check out chkrootkit or alternatively, rkhunter. Additionally, you may download and install an antivirus, for example ClamAV.

If you perform manual clean-up as indicated above and have confirmed all is in order again, you can install ClamAV and perform an extra scan to be sure. Better be safe than sorry. Then, follow the prevention tips below to stay safe.



Prevention
  • Use strong passwords for SSH or use keys instead of passwords for authentication. You can read how to do that here. In the unlikely event of you not needing SSH to a particular machine, disable it on that machine by:
    sudo apt-get remove openssh-server


    To disable it from starting up you can use:
    update-rc.d -f ssh remove
  • Don't open the incoming SSH port (default 22) to ANY, but rather restrict it to trusted IP addresses.
  • For more information about safely using SSH, see: SSH: Best practices
  • Use a strong firewall. In Linux there are many options, iptables is a solid choice. A good basic iptables howto can be found here. In a network or if you need to protect several machines, you may want to consider a separate hardware appliance as your firewall/UTM/... of choice.
  • Iptables can do a very decent job once properly configured. In case you want to do less manual work, I advise to check out sshguard or artillery. Both can monitor and alert you when something funky happens. In the context of our blog post, they also detect and protect against SSH bruteforce attempts. Another application to consider is fail2ban. An additional tool is snort. For more information about these tools, refer to their pages.
  • Consider using SELinux. Security-Enhanced Linux is a mandatory access control security mechanism provided in the kernel.

  • Consider locking down cron jobs to only certain users. To deny all users from using cron you can use:
    echo ALL >>/etc/cron.deny
  • Consider disabling remote root login. Read how to do that here.
  • If you browse a lot, consider using NoScript as well.
  • Keep your software and applications up-to-date, as on any system.
  • Consider installing an antivirus as second opinion or at least as an additional layer. This is not a necessity but may come in handy. I recommend ClamAV.
  • Don't forget to protect other appliances that may be running on *nix systems, for example your router (and nowadays, IoT devices). Upgrade the firmware as soon as possible and change the default root/admin password(s). Install updates/patches for your particular firewall/UTM/... as well.
  • For even more (general) tips on hardening your Linux system (not against Xor.DDoS in particular):
    20 Linux Server Hardening Security Tips




Conclusion
Don't be fooled: Linux malware very much exists and is becoming more prevalent. Other prevalent Linux malware nowadays is:

  • Every ELF malware made by the ChinaZ actor or group (Linux/ChinaZ.DDoS, Linux/Kluh, ...)
  • Linux/Aes.DDoS (Dofloo, MrBlack)
  • Linux/Bash0day (Shellshock, Bashdoor)
  • Linux/BillGates (Gates.B)
  • Linux/Elknot (DnsAmp)
  • Linux/GoARM (Ramgo, Goram)
  • Linux/IptabLes and Linux/IptabLex


Note that this list is not complete and new ELF malware may pop up every day. (it's not a question of if, but when it will pop up) You can find a list of (interesting) Linux malware here.

Hopefully you have learned new things along the way of this blog post. For any specific questions, don't hesitate to leave a comment or contact me on Twitter: @bartblaze

To conclude this blog post, some acknowledgements and resources/references:

Acknowledgements

My colleague from Panda France, Julien Gourlaouen for informing me about this incident.

Everyone who helped, helps and will help in battling creators of ELF malware, in particular @MalwareMustDie for their excellent research and increasing awareness about these threats.

Last but not least, thank you for reading my blog post. 


Resources

AlienVault - Xor.DDoS hashes, IPs and domains (see also related pulses)
Avast - Linux DDoS Trojan hiding itself with an embedded rootkit
Cisco - Threat Spotlight: SSHPsychos
FireEye - Anatomy of a Brute Force Campaign: The Story of Hee Thai Limited
KernelMode - Linux/Xor.DDoS (samples)
KernelMode - List of Linux Malware
MalwareMustDie - Fuzzy reversing a new China ELF "Linux/XOR.DDoS"
MalwareMustDie - Linux/XorDDoS infection incident report (CNC: HOSTASA.ORG)
MalwareMustDie - A bad Shellshock & Linux/XOR.DDoS CNC "under the hood"
MalwareMustDie - Polymorphic in ELF malware: Linux/Xor.DDOS
Yale - ELF Format (PDF)