"In light of the interest in the recently discovered
Linux based Remote Shell Trojan, vnunet.com has uncovered more
details of the worm's functionality in a bid to dispel any fear,
uncertainty and doubt.
Security experts analysing the Trojan have said that it infects
Linux Executable and Linking Format (ELF) files, initially
surfacing in the /bin directory.
It should be noted, however, that infected ELF files will remain
fully functional so as to hide the infection."