Clues, Vandalism, Litter Sendmail Trojan Trail

“Parker found that the Sendmail backdoor was controlled by a simple trio of one-letter commands: ‘A’ to kill the exploit, ‘D’ to execute a command, and ‘M’ to put the Trojan to sleep. The same syntax, possibly an insider’s nod to the hacker group ADM, was used in the OpenSSH backdoor, according to an analysis by the OpenSSH development team at the time.

The analyst thinks the same hacker pulled both stunts, but admits that the similarities in code don’t prove it. “It could have been a copycat,” Parker says, “or somebody could have ripped that code off because they didn’t know how to code it themselves.”

Link: SecurityFocus
