SSHD rootkit in the wild

Posted by slacker_mike on Feb 23, 2013 8:21 AM
By isc.sans.edu
Mail this story
Web version

There are a lot of discussions at the moment about a SSHD rootkit hitting mainly RPM based Linux distributions. Thanks to our reader unSpawn, we received a bunch of samples of the rootkit. The rootkit is actually a trojanized library that links with SSHD and does *a lot* of nasty things to the system.

Full Story

Printed at http://lxer.com/module/newswire/view/181272/index.html