Backdoor.Linux.Roopre.d (Kaspersky), ELF/Roopre-A (Sophos); Backdoor.Linux.Roopre (Ikarus); Linux/BackDoor-Roopre.gen.a (McAfee); Linux/Roopre.A (ESET-NOD32)
Linux
This backdoor arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites.
It executes commands from a remote malicious user, effectively compromising the affected system. It connects to a website to send and receive information.
Arrival Details
This backdoor arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites.
Backdoor Routine
This backdoor executes the following commands from a remote malicious user:
It connects to the following websites to send and receive information:
Scan your computer with your Trend Micro product and note files detected as ELF_ROOPRE.E