Linux Malware
Dominique Michel
dominique.michel at vtxnet.ch
Fri Nov 15 18:48:27 PST 2013
Le Fri, 15 Nov 2013 15:10:12 -0800,
Stephen Reichow <stephen.reichow at gmail.com> a écrit :
> Hello, I have found some components of freedesktop.org are being
> abused in conjunction with a rootkit infection.
>
> http://www.freedesktop.org/wiki/Software/PolicyKit/PluggableArchitecture/
I guess polkit is the one that was abused, I am not surprised, that was
only a matter of time before someone find a way to abuse polkit. It is
why at the first place I don't want *kit in any of my systems.
Can you be specific about that exploit? Because for now, the only think
I can tell you is to remove polkit, and no one can figure out what's
going on.
>
> The pluggable architecture is the SSH component of a malware rootkit
> on my computer, giving remote attackers access.
>
> Any help would be appreciated.
>
> Thank You -Steve
More information about the xdg
mailing list