Well, I am basically a novice who has learned much recently, (many of my describing terms may not be accurate, steep learning curve) but I have a google drive page describing the infection:
I first noticed a self replicating infection on a Knoppix CD-ROM 7 months ago. Months Later I noticed the same symptoms when I booted UBCD Parted Magic. I know the hackers step up infection (they install zypper in OpenSuse for example.) This is part rootkit similar to "flame" and part social engineered artificial internet environment. Note: click on malware symptoms for overview, also, the "beefpages" is now a broken link. https://drive.google.com/folderview?id=0B7Mx1oILAt8WRnpqa1l1bU1tMWc&usp=sharing Please excuse the brevity, library closing in minutes Thanks for your prompt response and help -Steve On Fri, Nov 15, 2013 at 7:41 PM, Jasper St. Pierre <[email protected]>wrote: > On Fri, Nov 15, 2013 at 6:10 PM, Stephen Reichow < > [email protected]> wrote: > >> Hello, I have found some components of freedesktop.org are being abused >> in conjunction with a rootkit infection. >> >> http://www.freedesktop.org/wiki/Software/PolicyKit/PluggableArchitecture/ >> >> The pluggable architecture is the SSH component of a malware rootkit on >> my computer, giving remote attackers access. >> >> Any help would be appreciated. >> > > I don't think PolicyKit is at fault, here. If you have permissions to > write to /usr/lib, where the plugins are stored, you can do a lot of damage > by installing a replacement glibc, for instance. > > Do you know how the infection started? > > >> Thank You -Steve >> >> >> >> _______________________________________________ >> xdg mailing list >> [email protected] >> http://lists.freedesktop.org/mailman/listinfo/xdg >> >> > > > -- > Jasper >
_______________________________________________ xdg mailing list [email protected] http://lists.freedesktop.org/mailman/listinfo/xdg
