http://www.eweek.com/c/a/Security/Attackers-Targeting-Linux-Infrastructures-With-Rootkit-to-Steal-SSH-Keys/ By Brian Prince eWEEK.com 2008-08-26 U.S.-CERT is warning of attacks targeting Linux-based infrastructures using compromised SSH keys. After access is gained to the system, local kernel exploits are used to gain root access. A rootkit is then installed to steal more SSH keys. The attack could be related to a flaw affecting Debian-based encryption keys discovered earlier this year. Hackers are launching attacks against Linux-based computing infrastructures using compromised SSH [Secure Shell] keys and installing rootkits, according to a warning by the U.S. Computer Emergency Readiness Team (US-CERT). According to US-CERT, the attack uses stolen SSH keys to access a system, and then local kernel exploits to gain root access. At that point, a rootkit known as phalanx2 is installed. [...] __________________________________________________ Register now for HITBSecConf2008 - Malaysia! With a new triple-track conference featuring 4 keynote speakers and over 35 international experts, this is the largest network security event in Asia and the Middle East! http://conference.hackinthebox.org/hitbsecconf2008kl/Received on Tue Aug 26 2008 - 22:28:14 PDT
This archive was generated by hypermail 2.2.0 : Tue Aug 26 2008 - 22:32:48 PDT