New Syslogk Linux Rootkit Lets Attackers Remotely Command It Using "Magic Packets"

Discussion in 'News Aggregator' started by Ravie Lakshmanan, 14 Jun 2022.

  1. A new covert Linux kernel rootkit named Syslogk has been spotted under development in the wild and cloaking a malicious payload that can be remotely commandeered by an adversary using a magic network traffic packet. "The Syslogk rootkit is heavily based on Adore-Ng but incorporates new functionalities making the user-mode application and the kernel rootkit hard to detect," Avast security

    Continue reading...
     

Share This Page

Loading...