by dspillett
924 days ago
Those methods would work. Could also be included in pirate content in a torrent or similar (this was a significant vector for Windows malware in the 2010s). Some instances could also have been manually placed. Or the creator could have bought the services of a botnet, installing the seeds on machines already backdoored and open. There are a fair few ways to get new rootkits out there, a number of them difficult to trace back to the true source.

EDIT: from the article:

The researchers have so far been unable to determine precisely how Krasue gets installed. Possible infection vectors include through vulnerability exploitation, credential-stealing or -guessing attacks, or by unwittingly being installed as trojan stashed in an installation file or update masquerading as legitimate software