‘Syslogk’, Linux Kernel Rootkit Found in Wild

Syslogk Rootkit is heavily based on Adore-Ng, a relatively old, open-source, well-known kernel rootkit for Linux, but incorporates new functionalities making the user-mode application and the kernel rootkit hard to detect. Avast names this rootkit ‘Syslogk’, due to how it ‘reveals’ itself when specially crafted data is written to the file /proc/syslogk.

Scroll to top
× How can I help you? Available from 08:00 to 22:00