Tag

linux incident response

Efficient Ops
Nov 25, 2024 · Information Security

Uncovering the gpg-agentd Malware: How an Alibaba Cloud Server Was Compromised

This article walks through a real-world intrusion on an Alibaba Cloud CentOS server, detailing how a disguised gpg-agentd process was used to install backdoors, hijack SSH keys, exploit Redis, and launch mass scanning, and provides concrete hardening recommendations to prevent similar attacks.

Server Security · linux incident response · malware
0 likes · 13 min read