Peter Humphrey wrote: > I saw this today: > > https://linux.slashdot.org/story/20/08/13/174237/fbi-and-nsa-expose-new-linux-malware-drovorub-used-by-russian-state-hackers? > utm_source=slashdot&utm_medium=twitter > > Has anyone any more info? >
It seems to affect only older kernels, before 3.7. So if you are above that, which I would think most Gentoo users would at least be in the 4 range or higher, then you should be OK. I checked and the oldest kernel version is 4.4 here. That's for gentoo-sources. Of course, one could download the original kernel sources I guess. That said, I've read that some old servers that are rarely if ever shutdown, may be running kernels that old or even older. I'd think they would be old systems but if they are servers with fast internet connections, those would be a good target. One would hope tho that they are admin'ed by people who can notice the hack and correct it or have other means to prevent it in the first place. How does one know if they are hacked tho? Is there a tool to run? I'm not worried about myself since I'd be a really bad target for it but others might want to know. Dale :-) :-)
