Jan 26, 2013

openSUSE Forums: Linux security threat - Linux ssh backdoor daemon

Jan 26th 2013, 12:13

I found this article an interesting read: Linux/SSHDoor.A Backdoored SSH daemon that steals passwords | ESET ThreatBlog

It's a blog about a trojanized version of the Linux SSH daemon that is found in the wild (i.e. out there now being used in place of nominal SSH daemons/servers on compromised GNU/Linux systems). From what I read, in this case, the binary not only lets the attacker log onto the server if he has a hardcoded password, the attacker is also granted access if he/she has the right SSH key. The backdoor also logs all usernames and passwords to exfiltrate them to a server hosted in Iceland.

What is not clear is how this trojan is spread ... as the blog notes this:
Quote:

Originally Posted by blog
... it is hard to tell how this Trojanized SSH daemon made its way on a compromised server but outdated applications or weak passwords are probably to blame

I use ssh on a weekly basis, as I often pipe vnc through ssh to help my mother in Canada with her PC (I live in Europe).
