by manarth 3572 days ago
Not sure whether to be amused, vindicated, or concerned that the most prominent conversation here on HN is terminology: "Is 'backdoor' the correct term?"

Malware, trojan, virus, rootkit, backdoor, squirglebunny (OK, I may have made that last one up).

There's not a lot of talk about the threat vector though - does anyone know how this infects systems?

2 comments

> After its first execution, the binary checks its own file path and ...

From the article it seems to be via executable. That's why the terminology is important in this case. It's an executable rootkit that opens a backdoor, not an OS remote execution exploit. And this article relates to the OS X variant of a cross-platform package (so this affects Windows and Linux systems as well).

> "It's an executable rootkit"

I hate to join in the terminology argument, but is it really a rootkit? After all, it doesn't (according to the reports) disguise its presence, which discards "rootkit" as a classification.

It seems to be pretty much run-of-the-mill malware. It would be interesting to understand the delivery mechanism (email, or whatever).

And if people will install untrusted third-party software, delivered by an untrustworthy mechanism, then they inevitably accept a certain amount of exposure.

Did you see last week's post about bikeshedding? This is exactly what bikeshedding is.
What colour is the Rootkit?
Never mind that, let's talk about the correct spelling of "color".