Linux/Bckdr-RKC: A New Variant Appears

Someone was busy this Christmas.

A new variant of Linux/Bckdr-RKC has been placed on my honeypot.

Unfortunately, detections by Sophos do not detect this variant, so I've sent it back to them for analysis.

I have posted the strings from the unpacked malware, as well as a diff between the strings of the old version and new version.

I will post updates as I can.
