Slashdot Mirror

← Back to Stories (view on slashdot.org)

New In-Memory Rootkit Discovered By German Hoster

Posted by Soulskill on from the malware-arms-race dept.

New submitter einar2 writes "German hoster Hetzner informed customers that login data for their admin surface might have been compromised (Google translation of German original). At the end of last week, a backdoor in a monitoring server was found. Closer examination led to the discovery of a rootkit residing in memory. The rootkit does not touch files on storage but patches running processes in memory. Malicious code is directly injected into running processes. According to Hetzner the attack is surprisingly sophisticated."

1 of 91 comments (clear)

  1. Re:Address space layout randomization? by Anonymous Coward · · Score: 0, Troll

    Forgive my ignorance, but how did ASLR not stop this?

    ASLR is a joke.