:: Re: [DNG] ..are we|Devuan safe from…
Author: Rick Moen
Date:  
To: dng
Subject: Re: [DNG] ..are we|Devuan safe from this systemd backdoor malware, taking our kernels from Debian?
Quoting Arnt Karlsen (arnt@???):

> On Fri, 30 Apr 2021 14:37:20 +0200, Arnt wrote in message
> <20210430143720.7311bc82@d44>:
>
>
> > https://www.theregister.com/2021/04/29/stealthy_linux_backdoor_malware_spotted/
>
> ..how it works:
> https://blog.netlab.360.com/stealth_rotajakiro_backdoor_en/


Answer: Avoid installing and running it.

This isn't any kind of intrusion tool, just yet another backdoor program
that can be installed and activated after intrusion through other means
entirely -- indistinguishable except in fine detail from countless
others that have existed for decades. And _TheReg_ was very clear about
that:

    The malware is not an exploit; rather it's a payload that opens a
    backdoor on the targeted machine. It might be installed by an
    unsuspecting user, an intruder, or through a dropper Trojan. How
    RotaJakiro has been distributed remains unanswered.

So, there ya go: Avoid installing and running it. It's called system
administration.

-- 
Cheers,                          Grammarian's bar joke #26:  A gerund and an 
Rick Moen                        infinitive walk into a bar, drinking to forget.
rick@???                                                           
McQ! (4x80)