:: Re: [DNG] ..are we|Devuan safe from…
Top Page
Delete this message
Reply to this message
Author: Rick Moen
To: dng
Subject: Re: [DNG] ..are we|Devuan safe from this systemd backdoor malware, taking our kernels from Debian?
Quoting Arnt Karlsen (arnt@???):

> On Fri, 30 Apr 2021 14:37:20 +0200, Arnt wrote in message
> <20210430143720.7311bc82@d44>:
> > https://www.theregister.com/2021/04/29/stealthy_linux_backdoor_malware_spotted/
> ..how it works:
> https://blog.netlab.360.com/stealth_rotajakiro_backdoor_en/

Answer: Avoid installing and running it.

This isn't any kind of intrusion tool, just yet another backdoor program
that can be installed and activated after intrusion through other means
entirely -- indistinguishable except in fine detail from countless
others that have existed for decades. And _TheReg_ was very clear about

The malware is not an exploit; rather it's a payload that opens a
backdoor on the targeted machine. It might be installed by an
unsuspecting user, an intruder, or through a dropper Trojan. How
RotaJakiro has been distributed remains unanswered.

So, there ya go: Avoid installing and running it. It's called system

Cheers,                          Grammarian's bar joke #26:  A gerund and an 
Rick Moen                        infinitive walk into a bar, drinking to forget.
McQ! (4x80)