stepupmakeup | 1 year ago

What's the point of these kinds of articles? Most Linux malware (including this one) is not sophisticated at all, built from pre-existing rootkit code samples off GitHub and quite sloppy about leaving files and traces (".Xl1", modifying bashrc, really?). And there's a weird fixation on China here; is it just more anti-China propaganda?

jamesmotherway | 1 year ago

Threat actors don't create malware to impress people; they do it to accomplish their goals. Apparently, this sample was sufficient for them.

Security companies attribute activity based on their observations. ESET, a Slovakian company, is no exception.

stepupmakeup | 1 year ago

I was under the impression that persistent but SILENT access was China's goal. Dropping files in home and /tmp/ seems like the total opposite of that, and any competent sysadmin would detect these anomalies manually real quick with a simple "ls -a", possibly even by accident.