Linux Today: Linux News On Internet Time.

SSH Key-based Attacks On Linux Hosts

Aug 27, 2008, 14:01 (0 Talkback[s])

" Once root access has been obtained, a rootkit known as "phalanx2" is installed.

"Phalanx2 appears to be a derivative of an older rootkit named "phalanx". Phalanx2 and the support scripts within the rootkit, are configured to systematically steal SSH keys from the compromised system."

Complete Story

Related Stories: