Malware
Skidmap
First seen: 2019 • Status: active
Currently Active Threat
Skidmap is sneaky mining malware for Linux that hides so deep in the system that normal tools cannot see it stealing your computers power.
Overview
Skidmap is a Linux cryptocurrency miner with kernel-mode rootkit capabilities. It can hide its mining activity from system monitoring tools.
Also Known As
SkidMap
How It Spreads
- • Misconfigured Redis
- • Cron job exploitation
- • SSH compromise
What It Does
- • Cryptocurrency mining
- • Kernel rootkit
- • Process hiding
- • Resource theft
Is your business exposed?
Target Platforms
Linux
Detection Tips
- • Monitor for hidden mining processes
- • Check for kernel module modifications
- • Analyze CPU usage anomalies
- • Review cron job additions
MITRE ATT&CK Techniques
T1496, T1014, T1564, T1059
If You're Infected
- 1.
Detect and remove rootkit components
- 2.
Terminate mining processes
- 3.
Rebuild kernel if necessary
- 4.
Secure Redis and SSH
Is your business exposed?
Check if your company data is circulating on the dark web
Free scan • No credit card required