Compromised SSH Keys Lead To Linux Rootkit Attack
Tech Groupie writes "The US Computer Emergency Readiness Team (CERT) has issued a warning for what it calls 'active attacks' against Linux-based computing infrastructures using compromised SSH keys. The attack appears to initially use stolen SSH keys to gain access to a system, and then uses local kernel exploits to gain root access. Once root access has been obtained, a rootkit known as 'phalanx2' is installed."
Stolen login credentials leads to unauthorized access of computer resources!
"Obscenity is the crutch of the inarticulate motherfucker." - cloak42
Change your keys regularly, and revoke the key as soon as you have the slightest doubt it's been compromised.
/me gives Redhat a dirty look.
Dude, that's like building an electronic voting machine and putting anti-virus software on it.
No, wait...