|
Secure Coding
mailing list archives
New 64-bit Linux Rootkit Doing iFrame Injections - Securelist
From: "Kenneth R. van Wyk" <ken () krvw com>
Date: Wed, 21 Nov 2012 13:01:24 -0500
Hmmm, an interesting twist in the Linux malware world -- and a bit of a collision of traditional OS-level malware and
app-level security woes. This latest Linux rootkit (below) can inject an iFrame into any HTTP response sent from an
infected web server. Thus, it can be used to spew malware into susceptible web browser clients, and appear as though
the drive-by infection is coming from a web app hosted on the infected site.
See full write-up below.
https://www.securelist.com/en/blog/208193935/New_64_bit_Linux_Rootkit_Doing_iFrame_Injections
Oh, and happy Thanksgiving to all you USA folks out there.
Cheers,
Ken
-----
Kenneth R. van Wyk
KRvW Associates, LLC
http://www.KRvW.com
Follow us on Twitter at: @KRvW or @KRvW_Associates
Attachment:
smime.p7s
Description:
_______________________________________________
Secure Coding mailing list (SC-L) SC-L () securecoding org
List information, subscriptions, etc - http://krvw.com/mailman/listinfo/sc-l
List charter available at - http://www.securecoding.org/list/charter.php
SC-L is hosted and moderated by KRvW Associates, LLC (http://www.KRvW.com)
as a free, non-commercial service to the software security community.
Follow KRvW Associates on Twitter at: http://twitter.com/KRvW_Associates
_______________________________________________
 By Date 
By Thread
Current thread:
- New 64-bit Linux Rootkit Doing iFrame Injections - Securelist Kenneth R. van Wyk (Nov 21)
|
