Friday, March 15, 2019
Home / Programming / C++/C / KBeast Rootkit – 2012

KBeast Rootkit – 2012

KBeast (Kernel Beast) is new kernel rootkit based on the publicly known rootkit,
modification is made in order to support kernel 2.6.18 and 2.6.32.(i386 or x86_64).


– Hiding this loadable kernel module
– Hiding files/directory
– Hiding process (ps, pstree, top, lsof)
– Hiding socket and connections (netstat, lsof)
– Keystroke logging to capture user activity
– Anti-kill process
– Anti-remove files
– Anti-delete this loadable kernel modules
– Local root escalation backdoor
– Remote binding backdoor hidden by the kernel rootkit


About FastFlux

Owner of ZeroSecurity, interested in programming, malware analysis and penetration testing. If you would like to write for the ZeroSecurity team, please use the contact form above.

Check Also

iCrypt v1.3 Source Released

ACiiiD¬†from a popular malware programming forum,, has released a crypter project that was started …