hypnosec writes: Security researchers have come across a piece of code that seems to be some unfinished rootkit targeting Linux systems and that employs never used before methods of hiding malicious commands. First spotted on Seclists' Full Disclosure Mailing List the rootkit specifically targets Linux kernel version 2.6.32-5-amd64 that is found on 64-bit Debian Squeezy systems and uses "advanced techniques to hide itself," while infecting websites hosted on compromised webservers by injecting malicious iFrames into the HTTP response traffic by directly modifying the TCP packets in a bid to carry out drive-by-downloads on systems used to access sites hosted on compromised HTTP servers. Experts are of the opinion that this rootkit may be the next step in iFrame injecting cyber crime operations, driving traffic to exploit kits.
Attend or create a Slashdot 20th anniversary party! DEAL: For $25 - Add A Second Phone Number To Your Smartphone for life! Use promo code SLASHDOT25. Check out the new SourceForge HTML5 Internet speed test. ×