From securityaffairs.co
According to researchers from AT&T’s Alien Labs, malware authors are choosing the Ezuri memory loader for their malicious codes.
The Ezuri memory loader tool allows to load and execute a payload directly into the memory of the infected machine, without writing any file to disk.
Experts pointed out that while this technique common in Windows malware, it is rare in Linux attacks.