A New Open-Source Rootkit Utilizing Port Knocking and Inverted Shell for System Control


Reptile is a new open-source rootkit capable of hiding itself, files, directories, and network traffic. What sets Reptile apart is its inverted (reverse) shell, which makes it easy to control the system, and its use of port knocking to connect to the C&C server. Through port knocking, the rootkit opens specific ports, which can help install malware and give control to the attacker through a reverse shell.

It can also relay commands by hiding the target as an argument. It was found that Reptile is similar in structure to other backdoor malware such as Rekoobe and the Syslogk rootkit commonly used by Chinese groups.

To protect systems from threats like Reptile, it is important to implement proper security measures, keep systems up to date, use robust security solutions, and block malicious code infections by using the latest V3. Proactive efforts in system security are key to avoiding the impact of rootkits and other malware.
