Reptile Rootkit: Advanced Linux Malware Targeting South Korean Systems
Threat actors are using an open-source rootkit called Reptile to target Linux systems in South Korea.
"Unlike other rootkit malware that typically only provide concealment capabilities, Reptile goes a step further by offering a reverse shell, allowing threat actors to easily take control of systems," the AhnLab Security Emergency Response Center said in a report published this week.
ExaTrack, that same month, revealed a Chinese hacking group's use of a Linux malware called Mélofée that's based on Reptile.
The South Korean cybersecurity firm said it also detected an attack case in the country that involved the use of Reptile, while bearing some tactical similarities to Mélofée.
"Reptile is a Linux kernel mode rootkit malware that provides a concealment feature for files, directories, processes, and network communications," ASEC said.
"However, Reptile itself also provides a reverse shell, making systems with Reptile installed susceptible to being hijacked by threat actors."
News URL
https://thehackernews.com/2023/08/reptile-rootkit-advanced-linux-malware.html