Discover Hacks/Cracks News
New Syslogk Linux Rootkit Uses Magic Packets to Trigger Backdoor
A new Linux rootkit malware named ‘Syslogk’ is being used in attacks to hide malicious processes, using specially crafted "magic packets" to awaken a backdoor laying dormant on the device.
The malware is currently under heavy development, and its authors appear to base their project on Adore-Ng, an old open-source rootkit.
Syslogk can force-load its modules into the Linux kernel (versions 3.x are supported), hide directories and network traffic, and eventually load a backdoor called ‘Rekoobe.’