:: Re: [DNG] ..are we|Devuan safe from…
Inizio della pagina
Delete this message
Reply to this message
Autore: Rick Moen
Data:  
To: dng
Oggetto: Re: [DNG] ..are we|Devuan safe from this systemd backdoor malware, taking our kernels from Debian?
Quoting Arnt Karlsen (arnt@???):

> On Fri, 30 Apr 2021 14:37:20 +0200, Arnt wrote in message
> <20210430143720.7311bc82@d44>:
>
>
> > https://www.theregister.com/2021/04/29/stealthy_linux_backdoor_malware_spotted/
>
> ..how it works:
> https://blog.netlab.360.com/stealth_rotajakiro_backdoor_en/


Answer: Avoid installing and running it.

This isn't any kind of intrusion tool, just yet another backdoor program
that can be installed and activated after intrusion through other means
entirely -- indistinguishable except in fine detail from countless
others that have existed for decades. And _TheReg_ was very clear about
that:

The malware is not an exploit; rather it's a payload that opens a
backdoor on the targeted machine. It might be installed by an
unsuspecting user, an intruder, or through a dropper Trojan. How
RotaJakiro has been distributed remains unanswered.

So, there ya go: Avoid installing and running it. It's called system
administration.

-- 
Cheers,                          Grammarian's bar joke #26:  A gerund and an 
Rick Moen                        infinitive walk into a bar, drinking to forget.
rick@???                                                           
McQ! (4x80)