Dark Reading

Krasue RAT Uses Cross-Kernel Linux Rootkit to Attack Telecoms

Attackers likely tied the creators of the XorDdos Linux remote access Trojan (RAT) have been wielding a separate Linux RAT for nearly two years without detection, using it to target organizations in ...
The Hacker News

SSHStalker Botnet Uses IRC C2 to Control Linux Systems via Legacy Kernel Exploits

Researchers uncover SSHStalker, an IRC botnet exploiting legacy Linux flaws and SSH servers to build persistent covert access.
CSOonline

Stealthy, tricky to remove rootkit targets Linux systems on ARM and x86

Security researchers have identified a new family of Linux rootkits that, despite running from user mode, can be hard to detect and remove. Called Umbreon, after a Pokémon character that hides in the ...
CSOonline

New Linux Rootkit detector-Rootkit Profiler

New Linux rootkit detector. Read and download it here. RKProfiler LX is divided into two parts: a data collection component called "Rootkit Profiler Module" (RKPmod) and a data interpretation ...
Bleeping Computer

Krasue RAT malware hides on Linux servers using embedded rootkits

Security researchers discovered a remote access trojan they named Krasue that is targeting Linux systems of telecommunications companies and managed to remain undetected since 2021. They found that ...
Ars Technica

Stealthy Linux rootkit found in the wild after going undetected for 2 years

So, are the people downvoting you trying to bury their heads in the sand? You're spot on with this. Whenever there is a catastrophic bug/exploit in Linux...hiding in plain sight in many cases...people ...
Computerworld

Rootkits

Listen to the Computerworld TechCast: Rootkits. If an illegal hacker wants to do something to your system, such as plant a virus, a Trojan horse program or spyware, he has to gain access to the system ...