Posted Sep 2, 2011 18:44 UTC (Fri) by abacus
In reply to: kernel.org compromised
Parent article: kernel.org compromised
What you wrote makes sense to me, but you might be overestimating the power of the rootkit that infected kernel.org. Apparently what it does is gathering the contents of the .ssh directory and the shell command history files of each user. Source: Mary Heintz, University of Chicaco phalanx2 Infection Report, August 2008.
to post comments)