On Wed, May 21, 2014 at 02:41 AM, DUCARROZ Birgit wrote: > > Hi, > > as of 05/13/2014 I had suddenly a lot of older files with notification > > Unix.Trojan.ElkKnot FOUND
ElkKnot (aka Elknot) is apparently a Linux Trojan associated with DDOS attacks. By coincidence, traces of it were found on an OS X machine where it doesn’t function but still spawns multiple shell scripts and postmail processes every hour. The various components can be seen here. <http://www.gimmemoneyicandoit.com/virus/crontab_and_scripts.txt>, but we have not been able to identify the installer or vector used. -Al- -- Al Varnell Mountain View, CA _______________________________________________ Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/support/ml
