{"id":5175,"date":"2023-07-31T22:28:53","date_gmt":"2023-07-31T20:28:53","guid":{"rendered":"https:\/\/sajberinfo.com\/?p=5175"},"modified":"2023-07-31T22:28:53","modified_gmt":"2023-07-31T20:28:53","slug":"reptile-rootkit-napada-linux-sisteme","status":"publish","type":"post","link":"https:\/\/sajberinfo.com\/en\/2023\/07\/31\/reptile-rootkit-napada-linux-sisteme\/","title":{"rendered":"Reptile Rootkit attacks Linux systems"},"content":{"rendered":"<p><span style=\"font-size: 14pt;\">A new <a href=\"https:\/\/sajberinfo.com\/en\/2022\/01\/07\/rootkits\/\" target=\"_blank\" rel=\"nofollow noopener\"><em>rootkit<\/em> <\/a>malware in the form of a <em>Linux<\/em> kernel module, named <em>Reptile<\/em>, was recently published on the <em>GitHub<\/em> platform. It is an open-source <em>rootkit<\/em> that can hide itself, other malicious code, files, directories and network traffic. Security researchers at <em>ASEC<\/em> <a href=\"https:\/\/asec.ahnlab.com\/ko\/55379\/\" target=\"_blank\" rel=\"noopener\">discovered this <em>rootkit<\/em><\/a>.<\/span><\/p>\n<div id=\"attachment_5191\" style=\"width: 1034px\" class=\"wp-caption aligncenter\"><img loading=\"lazy\" decoding=\"async\" aria-describedby=\"caption-attachment-5191\" class=\"size-full wp-image-5191\" src=\"https:\/\/sajberinfo.com\/wp-content\/uploads\/2023\/07\/Reptile-Rootkit-Malware.jpeg\" alt=\"Reptile Rootkit\" width=\"1024\" height=\"1024\" srcset=\"https:\/\/sajberinfo.com\/wp-content\/uploads\/2023\/07\/Reptile-Rootkit-Malware.jpeg 1024w, https:\/\/sajberinfo.com\/wp-content\/uploads\/2023\/07\/Reptile-Rootkit-Malware-300x300.jpeg 300w, https:\/\/sajberinfo.com\/wp-content\/uploads\/2023\/07\/Reptile-Rootkit-Malware-150x150.jpeg 150w, https:\/\/sajberinfo.com\/wp-content\/uploads\/2023\/07\/Reptile-Rootkit-Malware-768x768.jpeg 768w, https:\/\/sajberinfo.com\/wp-content\/uploads\/2023\/07\/Reptile-Rootkit-Malware-12x12.jpeg 12w, 
https:\/\/sajberinfo.com\/wp-content\/uploads\/2023\/07\/Reptile-Rootkit-Malware-80x80.jpeg 80w, https:\/\/sajberinfo.com\/wp-content\/uploads\/2023\/07\/Reptile-Rootkit-Malware-320x320.jpeg 320w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><p id=\"caption-attachment-5191\" class=\"wp-caption-text\"><em>Reptile Rootkit attacks Linux systems; Source: Bing Image Creator<\/em><\/p><\/div>\n<p><span style=\"font-size: 14pt;\">Unlike other <em>rootkit<\/em> <a href=\"https:\/\/sajberinfo.com\/en\/2021\/09\/26\/malware\/\" target=\"_blank\" rel=\"nofollow noopener\">malware<\/a>, <em>Reptile<\/em> stands out for its reverse shell, which allows easy control of the system, and its signature feature is <em>Port Knocking<\/em>. This lets it open a specific port on the infected system and connect to the <em>C&amp;C<\/em> server after it receives a <em>Magic Packet<\/em> from the attacker.<\/span><\/p>\n<h2><\/h2>\n<h2><span style=\"font-size: 14pt;\"><strong>How the <em>Reptile Rootkit<\/em> works<\/strong><\/span><\/h2>\n<p><span style=\"font-size: 14pt;\">The <em>Reptile rootkit<\/em> helps install malware and gives attackers access to a command-line tool that waits for the reverse shell connection to be executed on infected systems, giving control to the <a href=\"https:\/\/sajberinfo.com\/en\/2022\/03\/19\/hakeri-crni-sesiri-epizoda-3\/\" target=\"_blank\" rel=\"nofollow noopener\">attacker<\/a>.<\/span><\/p>\n<p><span style=\"font-size: 14pt;\">Attackers can operate the reverse shell without specifying a <em>C&amp;C<\/em> server by sending specific packets using <em>Port Knocking<\/em>. 
<em>Packet<\/em>, a command-line tool, takes parameters for the reverse shell connection and the port knocking method.<\/span><\/p>\n<p><span style=\"font-size: 14pt;\">The loader decrypts and installs the encrypted <em>Reptile rootkit<\/em> kernel module, which avoids having it exist directly as a file. After the kernel module is loaded, the <em>rootkit<\/em> starts the reverse shell and waits for a <em>Magic Packet<\/em> on a specific port, since the address of the <em>C&amp;C<\/em> server can also be delivered through port knocking.<\/span><\/p>\n<p>&nbsp;<\/p>\n<h3><span style=\"font-size: 14pt;\"><strong>Recommendations<\/strong><\/span><\/h3>\n<p><span style=\"font-size: 14pt;\">To prevent security threats like this, it is necessary to review the settings of the vulnerable environment, always update the related systems to the latest version to protect them from attacks, and use a reliable antivirus solution.<\/span><\/p>\n<p>&nbsp;<\/p>\n<h4><span style=\"font-size: 14pt;\"><strong>Conclusion<\/strong><\/span><\/h4>\n<p><span style=\"font-size: 14pt;\">The <em>Reptile rootkit<\/em> is <em>Linux<\/em> kernel module malware that provides concealment for files\/directories and processes, as well as network communication. Because it is open source, it can easily be used by various attackers, and various real-world attack cases have been confirmed. 
Because of their nature, <em>rootkits<\/em> are often used together with other malicious code, but since <em>Reptile<\/em> itself provides a reverse shell, a system on which <em>Reptile<\/em> is installed can hand control to the attacker.<\/span><\/p>","protected":false},"excerpt":{"rendered":"<p>A new rootkit malware in the form of a Linux kernel module, named Reptile, was recently published on the GitHub platform. It is an open-source rootkit that can hide itself, other malicious code, files, directories and&#46;&#46;&#46;<\/p>","protected":false},"author":1,"featured_media":5191,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[6],"tags":[141,494,102],"class_list":["post-5175","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-hronike","tag-linux","tag-reptile","tag-rootkit"],"_links":{"self":[{"href":"https:\/\/sajberinfo.com\/en\/wp-json\/wp\/v2\/posts\/5175","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/sajberinfo.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/sajberinfo.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/sajberinfo.com\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/sajberinfo.com\/en\/wp-json\/wp\/v2\/comments?post=5175"}],"version-history":[{"count":0,"href":"https:\/\/sajberinfo.com\/en\/wp-json\/wp\/v2\/posts\/5175\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/sajberinfo.com\/en\/wp-json\/wp\/v2\/media\/5191"}],"wp:attachment":[{"href":"https:\/\/sajberinfo.com\/en\/wp-json\/wp\/v2\/media?parent=5175"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/sajberinfo.com\/en\/wp-json\/wp\/v2\/categories?post=5175"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/sajberinfo.com
\/en\/wp-json\/wp\/v2\/tags?post=5175"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}