The open-source Reptile rootkit is being used by threat actors to target Linux systems in South Korea.
Reptile offers a reverse shell, which enables threat actors to quickly take control of systems, in contrast to other rootkit malware that normally just provides hiding capabilities, according to a research released this week by the AhnLab Security Emergency Response Centre (ASEC).
“Port knocking is a technique when malware on an infected system opens a certain port and then goes on standby. The magic packet that the threat actor transmits to the system is then utilized as the foundation for a connection to the C&C server read more Reptile Rootkit Advanced Linux Malware Targeting South Korean Systems.
Stay informed with the best cybersecurity news and raise your cybersecurity awareness with our comprehensive coverage of the latest threats, breaches, and solutions.