Linux Webserver Rootkit Attacks Internet Users

[Guest]

Security software maker has released an analysis of a rootkit that recently showed up on the Full Disclosure mailing list.

Linux Webserver Rootkit Attacks Internet Users : Read more

 

[dormantreign]

Way to piss off the hacker, Now he's read this he'll be up all night eating pizza pockets fixing his program.

 

[DSpider]

2.6.32-5-amd64?

I'm thinking Debian (stable).

 

[A Bad Day]

[citation][nom]dormantreign[/nom]Way to piss off the hacker, Now he's read this he'll be up all night eating pizza pockets fixing his program.[/citation]

And then the buyer will keep introducing new flaws to "improve" it.

"What do you mean my rootkits got infected and zombiefied?"

 

[randomizer]

Ah, a typical case of the client thinking that they have to add their little bit to feel like they've made some contribution. Happens in every industry, even criminal. I don't even know why they bother to hire contractors if they think they can do a better job.

 

[mayankleoboy1]

2.6.32-5 is oldish. The version that still gets security updates is the 2.6.38 branch.

 

[randomizer]

[citation][nom]mayankleoboy1[/nom]2.6.32-5 is oldish. The version that still gets security updates is the 2.6.38 branch.[/citation]
As does 2.6.32, depending on the distro. But yes, this is an older kernel. It's even older than the one that shipped with Debian Squeeze (same minor version, but an older build).

 

[Guest]

WTF, what a sensationalist headline... Linux is an secure operating system, which is why it has over 90% of the web server market while Windows is tied with BSD with about 5%. Desktop Linux users will only have social engineering attacks to fear if Linux hits 100% of the desktop/laptop market, because if it were possible to own it, there's already more than enough incentive for hackers to attack those hundreds of millions of web servers. Instead, we only get these 'proof of concept' viruses that can't actually do anything.

The headline would have you believe that there was a web server virus out there wreaking havoc as we speak, but it apparently only has the potential to infect the tiny percentage of web servers running that particular kernel. I wonder how much Microsoft paid for that headline, I expect the Microsoft PR bots to cite it constantly as "proof" that Linux is also insecure.

 

[A Bad Day]

Linux is an secure operating system

Anything can be broken into, IF:

1. It can be accessed by a human.

 

[in_the_loop]

Linux Webserver Rootkit Attacks Internet Users

IS this really a correct headline?
How does this rootkit attack us users in any kind of way?
Isn't it the webservers that are infected?

Or is this something that is spread to users?

Nothing is told in what type of way we as users are being attacked?
What kind of harm does do for us users directly?

A really unclear written article that doesn't build further on the headline at all.

 

[serendipiti]

[citation][nom]in_the_loop[/nom]IS this really a correct headline?How does this rootkit attack us users in any kind of way?Isn't it the webservers that are infected?Or is this something that is spread to users?Nothing is told in what type of way we as users are being attacked?What kind of harm does do for us users directly?A really unclear written article that doesn't build further on the headline at all.[/citation]

"adds an iframe to all served web pages -> "adds (or tries to add, as I read) malware to all served web pages".
I also[citation][nom]L1npr0[/nom]WTF, what a sensationalist headline... Linux is an secure operating system, which is why it has over 90% of the web server market while Windows is tied with BSD with about 5%. Desktop Linux users will only have social engineering attacks to fear if Linux hits 100% of the desktop/laptop market, because if it were possible to own it, there's already more than enough incentive for hackers to attack those hundreds of millions of web servers. Instead, we only get these 'proof of concept' viruses that can't actually do anything.The headline would have you believe that there was a web server virus out there wreaking havoc as we speak, but it apparently only has the potential to infect the tiny percentage of web servers running that particular kernel. I wonder how much Microsoft paid for that headline, I expect the Microsoft PR bots to cite it constantly as "proof" that Linux is also insecure.[/citation]

I like the idea that despite of desktop market share, the interesting things are in linux servers, which should be percentually more targeted... But anyways, Linux is secure while you keep in mind that (and why) could fail (isn't like the life itself ?)...

 

[bit_user]

They didn't say what's the infection vector of the root kit. That's the important part.

 

[Tomtompiper]

This is a non story, about a non event.

 

[f-14]

the head line is about as accurate as a blind man navigating the ocean in a row boat.

the head line could read new linux virus targets 'the cloud' and it would be 1 million times more accurate.

this virus was made to target something specific using that older kernel. what? idk we'll just have to wait and find out. probably some 'anonymous' member at school training for a career in the anti virus industry where they can actually do something real and tangibly positive for the world instead of all that made up nerd rage they prance about in tutu's patting themselves on the backs for doing nothing positive in this world.

 

[daglesj]

No point in attacking Linux webservers. Most attacks nowadays are ransomware to get folks that are not very IT literate to hand over their credit card details.

Thats most of it.

Locking out the webservers is not going to garner such info and will stop the crooks getting to the babyboomers that will.

 

[extremepcs]

Lies. Linux is immune to viruses, just like Mac's.