• erpicht
    link
    fedilink
    42 years ago

    As one commenter on the site points out, this is not a backdoor in any meaningful sense of the word, because it still has to be snuck onto the machine. Malware, yes. Backdoor, no.

  • @Thann@lemmy.ml
    link
    fedilink
    32 years ago

    With the help of LD_PRELOAD, Symbiote will load before any other shared objects. That allows the malware to tamper with other library files loaded for an application. The image below shows a summary of all of the malware’s evasion techniques.

  • Helix 🧬
    link
    fedilink
    22 years ago

    So what can you do about it? Tripwire checksumming your whole system is probably a good countermeasure, but if you’re already infiltrated, you’re probably fucked. As with all rootkits.

  • @peeonyou@lemmy.ml
    link
    fedilink
    22 years ago

    if you could run an app to compare your network traffic with what your router or switch shows that would be a dead giveaway, but also would require tools that I’m not sure exist right now