SSHD rootkit heads up


   SSHD rootkit in the wild
   Published: 2013-02-21,
   Last Updated: 2013-02-22 09:23:59 UTC

   There are a lot of discussions at the moment about a SSHD rootkit
   hitting mainly RPM based Linux distributions.
   Thanks to our reader unSpawn, we received a bunch of samples of the
   rootkit. The rootkit is actually a trojanized library that links with
   SSHD and does *a lot* of nasty things to the system.

I use mplayer for as much as possible. It is a gem. Unsurprisingly
Stallman is ANTI mplayer. And why? Because it allows you to plug in
closed source codecs. He's a tool.

Re: SSHD rootkit heads up


Chris Ahlstrom wrote:


Here is some more interesting information on that.



Re: SSHD rootkit heads up

Lusotec wrote:

Yup, maybe Linux is insecure by design?
Just repeat after me what has often been said in COLA:
"The OS can't be blamed"
"The user has to be blamed"
"There is NO Linux malware"
Are these claims still valid? Lusrtec!


Re: SSHD rootkit heads up


   So that's why we're talking about rootkits here and not
malformed JPEG documents or bad websites...


   You're like Typhoid Mary over there trying to screech that someone
else is some sort of biohazard.

    "If I give you a pfennig, you will be one pfennig richer and      
    I'll be one pfennig poorer. But if I give you an idea, you will     |||
    have a new idea, but I shall still have it, too."                  / | \
~ Albert Einstein

Re: SSHD rootkit heads up

On 2/22/13 12:50 PM, in article slrnkifj0a.ldk.jedi@nomad.mishnet,


The point is that if this were on Windows the "advocate" reaction would be
to blame the OS.  

Not that it should be ignored that the only two OSs with *major* malware
concerns are Windows and Android, *any* OS can get malware, even iOS, OS X,
and desktop Linux.  

"In fact, the main goal of Linux might be called usability... the most
important thing is that it works well and people ... want to use it."
-- Linus Torvalds

Proprietary software vulnerability causes rootkit injection

Verily I say unto thee that Lusotec spake thusly:

From the available evidence it seems this security breach was caused by a
proprietary application called CPanel, a notoriously insecure Web
interface for configuring servers.

Yet another good reason to choose Free Software.

(Subject corrected.)

K.                           | "You see? You cannot kill me. There is no flesh
                             |  and blood within this cloak to kill. There is
Fedora 8 (Werewolf) on ?ky   |  only an idea. And ideas are bulletproof."
kernel, up 122 days |    ~ V for Vendetta.
