A new Linux rootkit has emerged and researchers say it appears to be a custom-written tool designed to inject iframes into Web sites and drive traffic to malicious sites for drive-by download attacks. The rootkit is designed specifically for 64-bit Linux systems and while it has some interesting features, it does not appear to be the work of high-level programmer or be meant for use in targeted attacks. Researchers say the rootkit’s method for maintaining persistence on the infected machine is somewhat sloppy. The malware relies on a remote command-and-control server for some instructions.
Source: https://threatpost.com/new-linux-rootkit-emerges-112012/77231/