Slashdot Mirror


Compromised SSH Keys Lead To Linux Rootkit Attack

Tech Groupie writes "The US Computer Emergency Readiness Team (CERT) has issued a warning for what it calls 'active attacks' against Linux-based computing infrastructures using compromised SSH keys. The attack appears to initially use stolen SSH keys to gain access to a system, and then uses local kernel exploits to gain root access. Once root access has been obtained, a rootkit known as 'phalanx2' is installed."

3 of 79 comments (clear)

  1. This just in: by Cocoronixx · · Score: 5, Funny

    Stolen login credentials leads to unauthorized access of computer resources!

    --
    "Obscenity is the crutch of the inarticulate motherfucker." - cloak42
  2. Re:As usual... by Westech · · Score: 3, Funny

    Change your keys regularly, and revoke the key as soon as you have the slightest doubt it's been compromised.

    /me gives Redhat a dirty look.

  3. Re:and by MarkTraceur · · Score: 3, Funny

    Dude, that's like building an electronic voting machine and putting anti-virus software on it.

    No, wait...