TeamTNT has updated its Linux cryptojacking malware with open-source detection-evasion capabilities. The group is mostly known for targeting and compromising Internet-exposed Docker instances for unauthorized Monero (XMR) mining. It has also updated its Black-T malware to harvest user credentials from infected servers. AT&T Alien Labs security researcher Ofer Caspi says the group is using a new detection-evasion tool copied from open-source repositories. The tool, known as libprocesshider, is available on GitHub and can be used to hide any Linux process.
Source: https://www.bleepingcomputer.com/news/security/linux-malware-uses-open-source-tool-to-evade-detection/

