Posted by Brandon Vincent on Dec 09
This looks like a Jynx derived rootkit which relies on LD_PRELOAD [1].
[1] http://volatility-labs.blogspot.com/2012/09/movp-24-analyzing-jynx-rootkit-and.html
Brandon Vincent
Posted by Brandon Vincent on Dec 09
This looks like a Jynx derived rootkit which relies on LD_PRELOAD [1].
[1] http://volatility-labs.blogspot.com/2012/09/movp-24-analyzing-jynx-rootkit-and.html
Brandon Vincent