-
Researchers Develop Linux Rootkit That Evades Elastic EDR Protections
31 Oct 2025 10:33 GMT
… separate alerts when encountering standard rootkit implementations.
26 detections detected
The … through methodical obfuscation.
The rootkit leverages four primary evasion … symbol name randomization. Standard rootkits utilize predictable naming patterns …
-
Researchers Created a Linux Rootkit that Evades Elastic Security EDR Detection
31 Oct 2025 04:06 GMT
… GitHub by researcher 0xMatheuZ, the rootkit employs advanced obfuscation techniques to … to static analysis evasion. Traditional rootkits falter on predictable strings and … “hook_getdents.”
Singularity tool
The rootkit’s Python-based obfuscator fragments …
-
⚡ Weekly Recap: F5 Breached, Linux Rootkits, Pixnapping Attack, EtherHiding & More
20 Oct 2025 20:17 GMT
… of InvisibleFerret.
LinkPro Linux Rootkit Spotted in the Wild — … 54321) that signals the rootkit to await further instructions … Campaign Targets Cisco Devices with Rootkits — A new campaign … Software to deploy Linux rootkits on older, unprotected systems …
-
LinkPro Rootkit Attacking GNU/Linux Systems Using eBPF Module to Hide Malicious Activities
17 Oct 2025 15:01 GMT
A sophisticated rootkit targeting GNU/Linux … called vGet, and the LinkPro rootkit.
The Docker configuration allowed … developed in Golang. The rootkit operates in two modes: … _KPROBE_OVERRIDE option.
The rootkit achieves persistence by masquerading as …
-
Hackers used Cisco zero-day to plant rootkits on network switches (CVE-2025-20352)
17 Oct 2025 15:03 GMT
… 2025-20352) to deploy Linux rootkits on vulnerable Cisco network devices … Micro researchers shared.
Once a rootkit was implanted, it would set … used to install the Linux rootkit, and one to stop … component used to control the rootkit, and an arp spoofing tool …
-
Cisco: SNMP Critical Linux Rootkit Exploit CVE-2025-20352 RCE
17 Oct 2025 14:25 GMT
… access and installed a Linux rootkit built specifically for persistence. … case. The Houken kernel rootkit used the same approach … Linux Security Defense Strategies
Rootkits have always been a … Exploit Reveals About Linux Rootkit Evolution
The Cisco campaign …
-
LinkPro: An eBPF-Based Rootkit Hiding Malicious Activity on GNU/Linux
17 Oct 2025 09:17 GMT
… uncovered a sophisticated Linux rootkit dubbed LinkPro that leverages … ” or “.system”.
The rootkit also hides specific process directories … configuration file.
The rootkit extracts and installs a … network name resolution.
The rootkit copies its executable to …
-
New Rootkit Campaign Exploits Cisco SNMP Flaw to Gain Persistence
17 Oct 2025 05:00 GMT
… Protocol vulnerability to install Linux rootkits on exposed network devices has … Legacy Cisco Flaw
Rootkit Capabilities and Detection
The rootkit granted several covert …
-
‘Zero Disco’ campaign hits legacy Cisco switches with fileless rootkit payloads
17 Oct 2025 11:54 GMT
Parts of the exploit are fileless or volatile, with some components disappearing on reboot, while hooks left in memory endure, and some functions are reactivated dynamically, all making detection complicated.
“Currently, there is no universal automated …
-
Operation Zero Disco: Threat actors targets Cisco SNMP flaw to drop Linux rootkits
16 Oct 2025 20:28 GMT
… attacks to deploy Linux rootkits on outdated systems, researchers … EDR protection, deploying rootkits to conceal malicious activity … complexity.
Upon installing the rootkit, attackers gain remote … to receive commands. The rootkit injects a volatile universal …