Intel Name: Auto-Color: An Emerging and Evasive Linux Backdoor
Date of Scan: February 25, 2025
Impact: Medium
Summary: “Auto-Color: An Emerging and Evasive Linux Backdoor” describes a new Linux malware discovered between November and December 2024. The malware, named after the file name it renames itself to upon installation, uses multiple evasion techniques, such as employing benign file names, hiding remote command and control (C2) connections, and utilizing proprietary encryption for communications. Once installed, Auto-Color grants attackers full remote access, making it difficult to remove without specialized tools. The article explores the malware’s installation, evasion strategies, capabilities, and indicators of compromise (IoCs) to help users identify and defend against it.