Reptile is a new open source rootkit spread through GitHub which worries, and not a little, the users Linux. It is a malicious agent capable of hiding itself and other malicious code with remarkable effectiveness, as well as easily taking control of the infected system.
What makes Reptile even more formidable is the adoption of the technique Port Knocking. This involves identifying and opening a specific port of the infected system, using it for the transfer of files to and from the control server.
Precisely this particular modus operandi allows the malevolent agent to install additional malware, dramatically increasing its degree of danger.
Reptile, identified by computer security researchers of theASECworks by installing malicious codes in the folder path /reptile/ using names like reptile, reptile_shell e reptile_cmd.
The relative loaderThen decrypt and install the modulo kernel Reptile rootkit encrypted, avoiding direct existence as a file.
Reptile and the Port Knocking technique: how to avoid risks on your Linux system
Reptile is neither the first nor the latest malware targeting Linux systems. Just take a look at the growing number of cases ransomware on this OS to understand how long gone are the times when the penguin’s operating system was considered more than secure.
To counter this threat, however, experts offer some concrete advice, which can allow you to save your device from this rapidly spreading malware campaign.
Keep the operating system and software updated with the latest patches and updates available it is, without a shadow of a doubt, vitally important to avoid Reptile and other similar malware.
Avoid contact with Web sites e download suspects it is a further step towards safety. Finally, choose a antivirus Effective Linux turns out to be, nowadays, practically a must.