by darylteo 3567 days ago
> After its first execution, the binary checks its own file path and ...

From the article it seems to be via executable. That's why the terminology is important in this case. It's an executable rootkit that opens a backdoor, not an OS remote execution exploit. And this article relates to the OS X variant of a cross-platform package (so this affects Windows and Linux systems as well).

1 comments

> "It's an executable rootkit"

I hate to join in the terminology argument, but is it really a rootkit? After all, it doesn't (according to the reports) disguise its presence, which discards "rootkit" as a classification.

It seems to be pretty much run-of-the-mill malware. It would be interesting to understand the delivery mechanism (email, or whatever).

And if people will install untrusted third-party software, delivered by an untrustworthy mechanism, then they inevitably accept a certain amount of exposure.