On Thu, 2012-11-22 at 12:32, Laurentiu Pancescu wrote: > http://blog.crowdstrike.com/2012/11/http-iframe-injecting-linux-rootkit.html Nothing about infection vector, so it is non-issue, probably. Yes, root can be faked to install it from some third party module or even DKMS, but root shouldn't do such things without careful checking everything about third party modules. -- Kind regards, Milan