Follow

RT @michalmalik@twitter.com

Very nasty Linux backdoor with multiple components virustotal.com/gui/file/c69ee0

- Kills & uninstalls AV: clamav, avast, avg, drweb, esets
- Very persistent
- Uses Gates malware
- Uses Brootkit
- Uses CVE-2016-5195 to get root
- Infects other systems from known_hosts, .bash_history

Sign in to participate in the conversation
chaos.social

chaos.social – a Fediverse instance for & by the Chaos community