You are viewing a single thread.
View all comments 14 points
Sounds like it should at least be noticeable if you monitor resource usage?
10 points
That’s how some people found it, but it would disappear when someone would login to investigate.
9 points
4 points
*
5 points
*
Yes, but they replace common tools like top or lsof with manipulated versions. This might at least trick less experienced sysadmins.
Edit: Some found out about the vulnerability by ressource alerts. Probably very easy in a virtualized environment. The malware can’t fool the hypervisor ;)
3 points