{"id":23188,"date":"2020-12-09T09:59:52","date_gmt":"2020-12-09T01:59:52","guid":{"rendered":"https:\/\/web.mwwsb.com.my\/pjci\/?post_type=kb&p=23188"},"modified":"2022-09-08T20:00:20","modified_gmt":"2022-09-08T12:00:20","slug":"security-tips-rootkit-trojan","status":"publish","type":"kb","link":"https:\/\/www.casbay.com\/guide\/kb\/security-tips-rootkit-trojan","title":{"rendered":"SECURITY TIPS: RootKit Trojan"},"content":{"rendered":"\t\t

SECURITY TIPS: RootKit Trojan<\/h2>\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t

Tips RootKit Trojan \u2013 Scanning & Prevention<\/p>

Dear valued customers,<\/p>

Our security team has reported that some VPS <\/a>and dedicated servers <\/a>have been infected with a Trojan RootKit<\/em><\/strong>.
We would therefore like to take this chance to remind all owners of dedicated & VPS servers to stay vigilant and keep Trojan RootKits off their servers.<\/p>

Scanner Tools for RootKit Trojan<\/strong>
a)\u00a0rkHunter<\/strong>\u00a0\u2013 rootkit scanner,\u00a0<\/em>
b)\u00a0chkrootkit<\/strong>\u00a0\u2013 another rootkit scanner,\u00a0<\/em>
c)\u00a0clamav<\/strong>\u00a0\u2013 anti-virus scanner,\u00a0<\/em>
#\u00a0rpm based installer<\/strong>,
<\/em><\/p>

If you need\u00a0any further assistance, please contact us again.<\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t


In case you are wondering,<\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t


What is a Rootkit?<\/h2>\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t
\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\"\"\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t

A rootkit is an application or set of applications that conceals its own presence, or the presence of another application such as adware or spyware, on a device. Rootkits hide by working in the lower layers of the operating system, using techniques such as API function redirection or undocumented OS functions. This makes them almost impossible to detect with common anti-malware software.<\/p><\/div>

Have you ever wondered where the term \u201crootkit\u201d comes from? In Unix and Linux operating systems (OS), the system admin has an all-powerful account with full privileges and unrestricted access (similar to the administrator account in Windows). This account is called \u201croot\u201d<\/strong>. The applications that allow unauthorized root\/admin-level access to the device and its restricted areas are the \u201ckit\u201d<\/strong>.<\/p>

Put the two together and you get \u201crootkit<\/strong>\u201d. In other words, a rootkit is a program<\/strong> that gives someone, with legitimate or malicious intent, privileged access<\/strong> to a computer <\/strong>or mobile device<\/strong>. With it, that person can control the device remotely without the owner\u2019s knowledge or consent.<\/p>

Unfortunately, rootkits provide unauthorized access to computers. This helps cybercriminals steal personal data and financial information, install malware, or use the computers as part of a botnet to circulate spam and participate in DDoS (distributed denial-of-service) attacks<\/a>.<\/p>

Lastly, imagine a burglar who wants to break in and steal from your home. Burglars often dress in black to blend into the darkness and move quietly. However, unlike a thief who takes something and leaves immediately, a rootkit sticks around in your computer.<\/strong> Over time, it will rob your data <\/strong>or manipulate <\/strong>what\u2019s inside the computer<\/strong>.<\/p><\/div>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t\t\t\t<\/div>\n\t\t","protected":false},"excerpt":{"rendered":"

SECURITY TIPS: RootKit Trojan Tips RootKit Trojan \u2013 Scanning & Prevention Dear valued customers, Our security team has reported that some of the VPS and dedicated servers have been infected with Trojan RootKit.We would therefore like to take this chance to inform all of our owners of dedicated & VPS servers to be vigilant and […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","template":"","meta":{"site-sidebar-layout":"no-sidebar","site-content-layout":"page-builder","ast-site-content-layout":"","site-content-style":"default","site-sidebar-style":"default","ast-global-header-display":"","ast-banner-title-visibility":"","ast-main-header-display":"","ast-hfb-above-header-display":"","ast-hfb-below-header-display":"","ast-hfb-mobile-header-display":"","site-post-title":"disabled","ast-breadcrumbs-content":"","ast-featured-img":"disabled","footer-sml-layout":"","theme-transparent-header-meta":"default","adv-header-id-meta":"","stick-header-meta":"default","header-above-stick-meta":"","header-main-stick-meta":"","header-below-stick-meta":"","astra-migrate-meta-layouts":"default","ast-page-background-enabled":"default","ast-page-background-meta":{"desktop":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-gradient":""},"tablet":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-gradient":""},"mobile":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center 
center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-gradient":""}},"ast-content-background-meta":{"desktop":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-gradient":""},"tablet":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-gradient":""},"mobile":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-gradient":""}}},"kbtopic":[113],"kbtag":[106],"mkb_version":[],"_links":{"self":[{"href":"https:\/\/www.casbay.com\/guide\/wp-json\/wp\/v2\/kb\/23188"}],"collection":[{"href":"https:\/\/www.casbay.com\/guide\/wp-json\/wp\/v2\/kb"}],"about":[{"href":"https:\/\/www.casbay.com\/guide\/wp-json\/wp\/v2\/types\/kb"}],"author":[{"embeddable":true,"href":"https:\/\/www.casbay.com\/guide\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.casbay.com\/guide\/wp-json\/wp\/v2\/comments?post=23188"}],"version-history":[{"count":14,"href":"https:\/\/www.casbay.com\/guide\/wp-json\/wp\/v2\/kb\/23188\/revisions"}],"predecessor-version":[{"id":36785,"href":"https:\/\/www.casbay.com\/guide\/wp-json\/wp\/v2\/kb\/23188\/revisions\/36785"}],"wp:attachment":[{"href":"https:\/\/www.casbay.com\/guide\/wp-json\/wp\/v2\/media?parent=23188"}],"wp:term":[{"taxonomy":"kbtopic",
"embeddable":true,"href":"https:\/\/www.casbay.com\/guide\/wp-json\/wp\/v2\/kbtopic?post=23188"},{"taxonomy":"kbtag","embeddable":true,"href":"https:\/\/www.casbay.com\/guide\/wp-json\/wp\/v2\/kbtag?post=23188"},{"taxonomy":"mkb_version","embeddable":true,"href":"https:\/\/www.casbay.com\/guide\/wp-json\/wp\/v2\/mkb_version?post=23188"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}