Published on November 16th, 2013 📆 | 5557 Views ⚑0
Linux Backdoor Fokirtor Injects Traffic Into SSH Protocol
Security researchers have discovered a Linux backdoor that uses a covert communication protocol to disguise its presence on compromised systems.
The malware was used in an attack on a large (unnamed) hosting provider back in May. It cleverly attempted to avoid setting off any alarm bells by injecting its own communications into legitimate traffic, specifically SSH chatter. SSH is a protocol commonly used to access shell accounts on Unix-like operating systems, a continuous activity for remote administration of websites.