• @[email protected]
    link
    fedilink
    English
    5
    edit-2
    1 month ago

    Yes, but they replace common tools like top or lsof with manipulated versions. This might at least trick less experienced sysadmins.

    Edit: Some found out about the vulnerability by ressource alerts. Probably very easy in a virtualized environment. The malware can’t fool the hypervisor ;)

    • @[email protected]
      link
      fedilink
      English
      31 month ago

      Not quite the monitoring I’m talking about though.

      Basically, it seems like this would be a nightmare for a home user to detect, but a company is probably gonna pick up on this quite quickly with snmp monitoring (unless it somehow does something to that).