PUMAKIT, a stealthy Linux rootkit, uses syscall hooking, memory-resident execution, and advanced privilege escalation ...

The multi-stage rootkit targets Linux systems, using advanced stealth techniques to escalate privileges and avoid detection.

A new Linux rootkit malware called Pumakit has been discovered that uses stealth and advanced privilege escalation techniques ...

A new Linux malware rootkit, Pumakit, has recently surfaced that manages to surreptitiously hide on affected systems. For now ...

The core firmware rootkit needs to be very small in order to fit in the limited memory space on the hard drive’s memory chips. It’s only a few KB in size, but that doesn’t stop it from ...

While not production-ready malware, ‘Bootkitty’ provides a proof of concept for exploiting Linux systems at boot-up — ...

In a detailed analysis of the exploit, Lazarus and the FudModule Rootkit, Jan Vojtěšek from the Avast Threat Labs explains how researchers found the exploit for this previously unknown zero-day ...

When combined with Web threats, the new rootkit is proving to be both a destructive and prolific combination, security experts say. The rootkit models a similar virus from several years ago but ...

Researchers spot new campaign that can turn off antivirus protection Malware uses legitimate Avast Anti-Rootkit driver to ...

A new malicious campaign is using a legitimate but old and vulnerable Avast Anti-Rootkit driver to evade detection and take control of the target system by disabling security components.

More recent rootkit detectors use variations on this scheme that don't require exiting the operating system to get usable results. I've also looked at these applications in a more general light ...

Researchers from Kaspersky have discovered a new kind of powerful Unified Extensible Firmware Interface (UEFI) firmware rootkit known as CosmicStrand, which they attribute to an unidentified ...