Skip to main content

Linux malware could soon be a thing of the past

(Image credit: Shutterstock / Roman Samborskyi)

A new version of popular Linux toolkit REMnux is now available to download, equipping security analysts with an improved arsenal of tools with which to scrutinize Linux malware.

Built on Ubuntu, REMnux has been in circulation for more than 10 years, now in its seventh incarnation. The latest version, REMnux 7, does away with some tools present in previous iterations and also adds a handful of new ones to the roster.

As with previous versions, the new toolkit is configured specifically to minimize friction experienced by malware analysts and reverse engineers working to better understand Linux threats.

Linux malware

REMnux 7 is reportedly the product of a full rebuild effort, designed to make it easier for Linux users to propose changes to the package and build tools of their own.

The primary appeal of the security-focused Linux distro is that researchers are afforded access to the full breadth of available malware analysis tools, without having to discover, install or configure them.

The hundreds of individual tools that make up the REMnux 7 toolkit allow analysts to investigate potential threats, reverse-engineer malicious code, perform memory forensics, explore network and system interactions, and more.

“I’m very excited about releasing the new version of REMnux,” said Lenny Zeltser, who founded the project and maintains the toolkit.

“I’d like to extend a big thank you to all the authors of the tools that comprise the REMnux distro, without whom we’d be stuck analyzing malware with pen and paper.”

REMnux 7 can be deployed in a number of different ways, depending on preference; it can be used as a virtual appliance, installed as a full-blown Linux distro or run as a Docker container.

Anyone looking to learn more about the latest REMnux version can sign up for an introductory webcast, hosted by Zeltser himself, set to take place tomorrow at 10:30am EDT/15:30 BST.

Via Bleeping Computer