SYMBOLCOMMON_NAMEaka. SYNONYMS
elf.cdorked (Back to overview)

CDorked

aka: CDorked.A

This is in the same family as eBury, Calfbot, and is also likely related to DarkLeech

References
2014-03-18Daniel B. Cid
@online{cid:20140318:windigo:7fd6adb, author = {Daniel B. Cid}, title = {{Windigo Linux Analysis – Ebury and Cdorked}}, date = {2014-03-18}, url = {https://blog.sucuri.net/2014/03/windigo-linux-analysis-ebury-and-cdorked.html}, language = {English}, urldate = {2019-12-18} } Windigo Linux Analysis – Ebury and Cdorked
CDorked
2013-05-02ESET ResearchStephen Cobb
@online{cobb:20130502:stealthiness:6579e26, author = {Stephen Cobb}, title = {{The stealthiness of Linux/Cdorked: a clarification}}, date = {2013-05-02}, organization = {ESET Research}, url = {https://www.welivesecurity.com/2013/05/02/the-stealthiness-of-linuxcdorked-a-clarification/}, language = {English}, urldate = {2019-11-14} } The stealthiness of Linux/Cdorked: a clarification
CDorked
2013-05-01CiscoMary Landesman
@online{landesman:20130501:linuxcdorked:348acc3, author = {Mary Landesman}, title = {{Linux/CDorked FAQs}}, date = {2013-05-01}, organization = {Cisco}, url = {https://blogs.cisco.com/security/linuxcdorked-faqs}, language = {English}, urldate = {2020-01-09} } Linux/CDorked FAQs
CDorked
2013-04-30SymantecKaoru Hayashi, Joseph Bingham, Takayoshi Nakayama
@online{hayashi:20130430:linuxcdorked:5456e0a, author = {Kaoru Hayashi and Joseph Bingham and Takayoshi Nakayama}, title = {{Linux.Cdorked}}, date = {2013-04-30}, organization = {Symantec}, url = {https://www.symantec.com/security-center/writeup/2013-050214-5501-99}, language = {English}, urldate = {2019-12-06} } Linux.Cdorked
CDorked
2013-04-26ESET ResearchPierre-Marc Bureau
@online{bureau:20130426:linuxcdorkeda:ab3e321, author = {Pierre-Marc Bureau}, title = {{Linux/Cdorked.A: New Apache backdoor being used in the wild to serve Blackhole}}, date = {2013-04-26}, organization = {ESET Research}, url = {https://www.welivesecurity.com/2013/04/26/linuxcdorked-new-apache-backdoor-in-the-wild-serves-blackhole/}, language = {English}, urldate = {2019-11-14} } Linux/Cdorked.A: New Apache backdoor being used in the wild to serve Blackhole
CDorked

There is no Yara-Signature yet.