Reptile Rootkit: Advanced Linux Malware Targeting South Korean Systems

[silversurfer]

Content source

https://thehackernews.com/2023/08/reptile-rootkit-advanced-linux-malware.html

Threat actors are using an open-source rootkit called Reptile to target Linux systems in South Korea.

"Unlike other rootkit malware that typically only provide concealment capabilities, Reptile goes a step further by offering a reverse shell, allowing threat actors to easily take control of systems," the AhnLab Security Emergency Response Center (ASEC) said in a report published this week.

"Port knocking is a method where the malware opens a specific port on an infected system and goes on standby. When the threat actor sends a magic packet to the system, the received packet is used as a basis to establish a connection with the C&C server."