Windows 10 was my only operating system for a while and I had some bad security practices such as not keeping Windows up-to-date,installing software from third party websites.
Today I have both Windows 10 and Ubuntu 21.04 installed on my system. I updated Windows 10 and I scanned my system with various antivirus software and Microsoft Defender Offline. Windows Defender detected one Trojan which I removed it.
And when I run chkrootkit in Ubuntu I get this output:
Checking `wted'... 2 deletion(s) between and
Checking `z2'... user user2 deleted or never logged from lastlog! user user1 deleted or never logged from lastlog!
Checking `chkutmp'... The tty of the following user process(es) were not found in /var/run/utmp ! ! RUID PID TTY CMD ! user1 10769 pts/0 bash ! user1 10775 pts/0 sudo chkrootkit ! root 10777 pts/0 /bin/sh /usr/sbin/chkrootkit ! root 11483 pts/0 ./chkutmp ! root 11485 pts/0 ps axk tty,ruser,args -o tty,pid,ruser,args ! root 11484 pts/0 sh -c ps axk "tty,ruser,args" -o "tty,pid,ruser,args"
Now I'm worried if I downloaded some Rootkit in Windows that compromised my hardware/firmware,BIOS,etc.
Both operating systems are working properly.
Should I be worried about chkrootkit results?
Is there anyway to detect such Rootkits?
From my understanding they are very hard to detect.
http://dlvr.it/S0Zrdr
G:7-Security (Cyber Security Research and Global Information Security Services)
No comments:
Post a Comment