Dark Reading

Krasue RAT Uses Cross-Kernel Linux Rootkit to Attack Telecoms

Attackers likely tied the creators of the XorDdos Linux remote access Trojan (RAT) have been wielding a separate Linux RAT for nearly two years without detection, using it to target organizations in ...
Bleeping Computer

Qubitstrike attacks rootkit Jupyter Linux servers to steal credentials

Hackers are scanning for internet-exposed Jupyter Notebooks to breach servers and deploy a cocktail of malware consisting of a Linux rootkit, crypto miners, and password-stealing scripts. Jupyter ...
Computerworld

New Linux rootkit leverages GPUs to hide

A team of developers has created a rootkit for Linux systems that uses the processing power and memory of graphics cards instead of CPUs in order to remain hidden. The rootkit, called Jellyfish, is a ...
CSOonline

Stealthy, tricky to remove rootkit targets Linux systems on ARM and x86

Security researchers have identified a new family of Linux rootkits that, despite running from user mode, can be hard to detect and remove. Called Umbreon, after a Pokémon character that hides in the ...
Ars Technica

Stealthy Linux rootkit found in the wild after going undetected for 2 years

So, are the people downvoting you trying to bury their heads in the sand? You're spot on with this. Whenever there is a catastrophic bug/exploit in Linux...hiding in plain sight in many cases...people ...
The Hacker News

SSHStalker Botnet Uses IRC C2 to Control Linux Systems via Legacy Kernel Exploits

Researchers uncover SSHStalker, an IRC botnet exploiting legacy Linux flaws and SSH servers to build persistent covert access.
CSOonline

New Linux Rootkit detector-Rootkit Profiler

New Linux rootkit detector. Read and download it here. RKProfiler LX is divided into two parts: a data collection component called "Rootkit Profiler Module" (RKPmod) and a data interpretation ...