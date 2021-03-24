A few weeks ago an ordinary security assessment turned into an incident response whirlwind. It was definitely a first for me, and I was kindly granted permission to outline the events in this blog post. This investigation started scary but turned out to be quite fun, and I hope reading it will be informative to you too. I'll be back to posting about my hardware research soon.

How it started

What the hell is this?

The NFS Server

2nd malicious binary

Further forensics

Eureka Moment

The Golang thingy

How did the kernel get patched? And why not the Golang app?

What we have so far

Q&A