
Reptile Rootkit: Advanced Malware Threatening Linux in South Korea


Threat actors are using an open-source rootkit called Reptile to target Linux systems in South Korea.

"Unlike other rootkit malware that typically only provide concealment capabilities, Reptile goes a step further by offering a reverse shell, allowing threat actors to easily take control of systems," the AhnLab Security Emergency Response Center (ASEC) said in a report published this week. 

"Port knocking is a method where the malware opens a specific port on an infected system and goes on standby. When the threat actor sends a magic packet to the system, the received packet is used as a basis to establish a connection with the C&C server."

A rootkit is a malicious software program that's designed to provide privileged, root-level access to a machine while concealing its presence. At least four different campaigns have leveraged Reptile since 2022.
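A defender-side illustration of the port-knocking behaviour ASEC describes above, added here and not taken from the report or from Reptile's code: it pairs an unanswered inbound packet with a connection the host then opens to a destination it has never contacted before. The flow-record format, the sample records and the 30-second window are assumptions made for the example.

```python
from collections import namedtuple

# Constructed flow records for one monitored host (not data from the ASEC report).
# direction: "in" = packet arriving at the host, "out" = connection the host initiated.
# answered: for "in" records, whether the host replied (a listening service would).
Flow = namedtuple("Flow", "ts direction peer port answered")

SAMPLE_FLOWS = [
    Flow(100,  "out", "198.51.100.10", 443,  True),   # routine update check
    Flow(160,  "in",  "203.0.113.7",   22,   True),   # SSH login, answered by sshd
    Flow(400,  "in",  "203.0.113.50",  8080, False),  # unanswered packet: knock candidate
    Flow(403,  "out", "203.0.113.99",  4444, True),   # first-ever contact, 3 s later
    Flow(900,  "out", "198.51.100.10", 443,  True),   # known destination again
    Flow(2000, "in",  "192.0.2.33",    23,   False),  # background scan noise
    Flow(2500, "out", "192.0.2.80",    80,   True),   # new destination, but 500 s later
]


def find_knock_callbacks(flows, window=30):
    """Pair each unanswered inbound packet with first-seen outbound
    destinations contacted within `window` seconds afterwards."""
    seen_peers = set()   # destinations this host has already contacted
    knocks = []          # unanswered inbound packets still inside the window
    hits = []
    for f in sorted(flows, key=lambda r: r.ts):
        # Drop knock candidates that are too old to explain this record.
        knocks = [k for k in knocks if f.ts - k.ts <= window]
        if f.direction == "in":
            if not f.answered:
                knocks.append(f)
        else:
            # Only a destination never seen before counts as a callback;
            # the C&C address need not equal the sender of the knock.
            if f.peer not in seen_peers:
                hits.extend((k, f) for k in knocks)
            seen_peers.add(f.peer)
    return hits


if __name__ == "__main__":
    for knock, callback in find_knock_callbacks(SAMPLE_FLOWS):
        print(f"inbound {knock.peer}:{knock.port} at t={knock.ts} -> "
              f"outbound {callback.peer}:{callback.port} at t={callback.ts}")
```

A hit is a lead for triage, not proof of compromise: scan noise followed by a legitimate new connection produces the same pattern, so the window and the first-seen baseline need tuning per environment.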

The link for this article located at The Hacker News is no longer available.
