1

Yesterday I found out about the existence of the Backdoor.Linux.Gafgyt.A trojan backdoor. I did run chkrootkit vs 0.49 and rkhunter 1.40. But surprisingly in the logs, I could not see these programs had this quite new backdoor in their database.

So what is the best way to find out if my computer has no backdoor?

grtz
  • 61
  • 7

1 Answers1

1

The Trojan in question has an md5sum of 5924BCC045BB7039F55C6CE29234E29A. A long list of products will detect it. Available here

Source: http://telussecuritylabs.com/threats/show/TSL20140925-03

Elder Geek
  • 35,476
  • 25
  • 95
  • 181
  • Thanks. But... these are all either trial and then pay software. Or even only windows.... Maybe there is another way? I've seen a very well explained answer here, [link](http://askubuntu.com/a/587903/114007) , but is there a way to do a quick search. Can you explain me for example how to search and find trojans with the md5sum? – grtz Jun 10 '15 at 17:56
  • You'd have to write a script. you could start with this: `find . -type f -name '*' -exec md5sum {} \;` and then grep the output for the known md5sum. Honestly it would be simpler to use the trial software. – Elder Geek Jun 11 '15 at 01:50