Reptile Rootkit Targets Linux Systems in South Korea
Threat Level
Attack Report
Summary
Reptile is an open-source Linux rootkit that goes beyond concealment: it offers attackers a reverse shell and uses port knocking for control. It has been observed in attacks, including ones by Chinese groups exploiting zero-days. Similarities to the Mélofée malware suggest potential connections in attack strategies.