Stealthy Linux rootkit found in the wild after going undetected for 2 years

L4sBot@lemmy.world (mod) to Technology@lemmy.world – 187 points
arstechnica.com

Stealthy Linux rootkit found in the wild after going undetected for 2 years::Krasue infects telecom firms in Thailand using techniques for staying under the radar.

Zero useful info: what is the attack vector / vulnerability exploited? Without that info, this is useless

Well, most of us can relax, I believe: the rootkit supports Linux kernel versions 2.6x/3.10.x
https://www.bleepingcomputer.com/news/security/krasue-rat-malware-hides-on-linux-servers-using-embedded-rootkits/

The only thing I know runs that kernel version is my Wii because it needs an old kernel for ppc32 support

Be careful, one day you'll boot it up only to find some hacker has set new and impossible-to-beat high scores.

From the article:

The researchers have so far been unable to determine precisely how Krasue gets installed.

So no one knows yet. But I feel that the existence of malware in the wild is newsworthy, even if we don't know how it got there. Regardless, you and I probably don't have to worry about it unless you're a Thai telecom.