In this video we demonstrate Sandfly's new file and directory stealth rootkit de-cloaking feature on the sedexp malware targeting Linux. We also show how it works for the Diamorpine and Reptile rootkits which are frequently used as the basis for new stealth malware. The hiding tactics used are made instantly visible with our agentless Linux security platform.
The sedexp malware was recently reported by AON. We recommend you read this report to learn how this malware operates and targeted financial services.