Security News > 2021 > April > Stealthy Linux backdoor malware spotted after three years of minding your business
2021-04-29 23:40
Chinese security outfit Qihoo 360 Netlab on Wednesday said it has identified Linux backdoor malware that has remained undetected for a number of years.
An MD5 signature for the file systemd-daemon first showed up in VirusTotal back on May 16, 2018 without the detection of any known malware.
Netlab has dubbed the malware family RotaJakiro because it uses encryption with a rotate function and has different behavior depending on whether it's running on a root or non-root account.
The malware makes an effort to conceal itself by using multiple encryption algorithms.
The malware is not an exploit; rather it's a payload that opens a backdoor on the targeted machine.
At least the malware is starting to get noticed by antivirus software.