Linux has long been the preferred operating system for enterprise platforms and Internet of Things (IoT) manufacturers. Linux-based devices are continually being deployed in smart systems across many different industries, with IoT gateways facilitating connected solutions and services central to different businesses. Along with this widespread use, we’ve also seen the number of Linux-focused security threats rise. We previously reported on a string of Linux threats in 2016, the most high-profile of which was the Mirai malware (detected by Trend Micro as ELF_MIRAI family).
A new addition to the list of Linux threats is a recently found Linux ARM malware, detected by Trend Micro as ELF_IMEIJ.A. The threat exploits a vulnerability in devices from AVTech, a surveillance technology company. The vulnerability was discovered and reported by Search-Lab, a security research facility, and was disclosed to AVTech in October 2016. However, even after repeated attempts by Search-Lab to contact the vendor, there was no response.