Danny, On 01/06/2015 07:04 PM, Danny wrote: > ########################################################## > -rwxr-xr-x 1 root root 648K Dec 11 17:17 /boot/dippqejwvf > ##########################################################
could you narrow down, where those strange files are created? Were there any suspicious cronjobs? Does anyone know any kind of trojan that acts like that? Obviously, the attacker got root permissions either way, otherwise he couldn't place those files in /boot. I think it's an interesting discussions, since linux malware is rather rare, at least compared to windows viruses. I'm interested if this is taking place thoroughly in user space or if there are any kernel modifications. TIA! -- Gruß, Christian -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/54bde224.8020...@postbox.xyz
