Someone was busy this Christmas.
A new variant of Linux/Bckdr-RKC has been placed on my honeypot.
Unfortunately detections by Sophos do not detect this variant, so I've sent it back to them for analysis.
I have posted the strings from the unpacked malware, as well as a diff between the strings of the old version and new version.
I will post updates as I can.
No comments:
Post a Comment