Linux Malware

Dominique Michel dominique.michel at vtxnet.ch
Fri Nov 15 18:48:27 PST 2013


Le Fri, 15 Nov 2013 15:10:12 -0800,
Stephen Reichow <stephen.reichow at gmail.com> a écrit :

> Hello, I have found some components of freedesktop.org are being
> abused in conjunction with a rootkit infection.
> 
> http://www.freedesktop.org/wiki/Software/PolicyKit/PluggableArchitecture/

I guess polkit is the one that was abused, I am not surprised, that was
only a matter of time before someone find a way to abuse polkit. It is
why at the first place I don't want *kit in any of my systems.

Can you be specific about that exploit? Because for now, the only think
I can tell you is to remove polkit, and no one can figure out what's
going on.

> 
> The pluggable architecture is the SSH component of a malware rootkit
> on my computer, giving remote attackers access.
> 
> Any help would be appreciated.
> 
> Thank You -Steve


More information about the xdg mailing list