ZeroSecurity The Latest Technology News and Tutorials
KBeast (Kernel Beast) is new kernel rootkit based on the publicly known rootkit,
modification is made in order to support kernel 2.6.18 and 2.6.32.(i386 or x86_64).
Features:
- Hiding this loadable kernel module
- Hiding files/directory
- Hiding process (ps, pstree, top, lsof)
- Hiding socket and connections (netstat, lsof)
- Keystroke logging to capture user activity
- Anti-kill process
- Anti-remove files
- Anti-delete this loadable kernel modules
- Local root escalation backdoor
- Remote binding backdoor hidden by the kernel rootkit
