• @cron@feddit.org
    5
    2 months ago

    Yes, but they replace common tools like top or lsof with manipulated versions. This might at least trick less experienced sysadmins.

    Edit: Some found out about the vulnerability by resource alerts. Probably very easy in a virtualized environment. The malware can’t fool the hypervisor ;)

    • @li10@feddit.uk
      4
      2 months ago

      Not quite the monitoring I’m talking about though.

      Basically, it seems like this would be a nightmare for a home user to detect, but a company is probably gonna pick up on this quite quickly with SNMP monitoring (unless it somehow does something to that).