Le 30/04/2021 à 15:05, Arnt Karlsen a écrit : > On Fri, 30 Apr 2021 14:37:20 +0200, Arnt wrote in message > <20210430143720.7311bc82@d44>: > > >> https://www.theregister.com/2021/04/29/stealthy_linux_backdoor_malware_spotted/ >> > ..how it works: > https://blog.netlab.360.com/stealth_rotajakiro_backdoor_en/
This backdoor is targetting systemd and gvfs. It is not very surprising that systemd is targetted, since it is present (by force) in most installed Linux systems. Gvfs is not expected to be installed on servers, but is required by some desktop goodies - even in Xfce4, for example if you install the tool to mount/unmount hotplug disks; it is primarily to avoid it that I developped hopman. -- Didier _______________________________________________ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng