New Attack Sneaks Rootkits Into Linux Kernel

Apr 15, 2009, 17:02 (11 Talkback[s])
(Other stories by Kelly Jackson Higgins)

"The attack attack exploits an oft-forgotten function in Linux versions 2.4 and above in order to quietly insert a rootkit into the operating system kernel as a way to hide malware processes, hijack system calls, and open remote backdoors into the machine, for instance. At Black Hat Europe this week in Amsterdam, Anthony Lineberry, senior software engineer for Flexilis, will demonstrate how to hack the Linux kernel by exploiting the driver interface to physically addressable memory in Linux, called /dev/mem."

Complete Story

Related Stories:

• Editor's Note: Instead of Throwing Everyone In Jail, Fix Your Lousy Products(Dec 06, 2008)
• Growth in Internet Crime Calls for Growth in Punishment(Dec 04, 2008)
• Shred and Secure-Delete: Tools for Wiping Files, Partitions and Disks in GNU/Lin(Dec 03, 2008)
• 25 Arguments for the Elimination of Copy Protection(Oct 21, 2008)
• With Linux, Even Rootkits Are Open Source(Sep 10, 2008)
• Open Source Release Takes Linux Rootkits Mainstream(Sep 05, 2008)
• Linux Detecting/Checking Rootkits with Chkrootkit and rkhunter Software(Jan 29, 2008)
• eBay: Botnets are Linux-Happy(Oct 03, 2007)
• Tracking down h4X0rZ(Jun 08, 2007)
• CNET News: PC Hardware Can Pose Rootkit Threat(Mar 03, 2007)
• All About Linux: Various Ways of Detecting Rootkits in GNU/Linux(Dec 19, 2006)