Stealthy, sneaky rootkit targets Linux systems on ARM and x86

Security researchers have identified a new family of Linux rootkits that, despite running from user mode, can be hard to detect and remove.
Called Umbreon, after a Pokémon character that hides in the darkness, the rootkit has been in development since early 2015 and is now being sold on the underground markets. It targets Linux-based systems on the x86, x86-64 and ARM architectures, including many embedded devices such as routers.
According to malware researchers from antivirus firm Trend Micro, Umbreon is a so-called ring 3 rootkit, meaning that it runs from user mode and doesn’t need kernel privileges. Despite this apparent limitation, it is quite capable of hiding itself and persisting on the system.To read this article in full or to leave a comment, please click here


Original URL: http://www.computerworld.com/article/3116491/security/stealthy-sneaky-rootkit-targets-linux-systems-on-arm-and-x86.html#tk.rss_all  

Original article

Comments are closed.

Proudly powered by WordPress | Theme: Baskerville 2 by Anders Noren.

Up ↑

%d bloggers like this: