Edit: I used to read the localized paper version of http://xakep.ru/ several years ago, and practically every hacking story/tool roundup they had mentioned the annoying problem with ls --color, it was apparently present in almost every public rootkit at the time. It's kinda interesting to see that idiots still use outdated tools years later.
Oy. Not the best idea, generally speaking.
Edit: I used to read the localized paper version of http://xakep.ru/ several years ago, and practically every hacking story/tool roundup they had mentioned the annoying problem with ls --color, it was apparently present in almost every public rootkit at the time. It's kinda interesting to see that idiots still use outdated tools years later.