Forensicating Linux LD_PRELOAD Rootkits w/ Hal Pomeranz | 1-Hour
Antisyphon Training

Streamed live on Jul 12, 2023

Widespread availability of PoC Linux LD_PRELOAD rootkits means that even trivial cryptomining attacks are starting to deploy them. This talk demonstrates a simple LD_PRELOAD rootkit and techniques for detecting such rootkits, both in a live response scenario and through memory analysis. Get the jump on your adversaries with this fast-paced, practical introduction.

Chat with your fellow attendees in the Antisyphon Discord server, in the #webcast-livestreams channel.
