rkhunter: VAX-order 68K Blit (standalone) executable

bloatedstoat

• October 19, 2015 20:23

This just cropped up in our rkhunter log and I've never come across this one before. Warning: Suspicious file types found in /dev: /dev/.udev/queue.bin: VAX-order 68K Blit (standalone) executable Makes me feel a bit uneasy. Anyone know if I should be uneasy! Thanks.

• 

  cPanelMichael

  • October 28, 2015 15:40

  Hello :) You can search for "/dev/.udev/queue.bin" on a search engine such as Google and there are a few results with discussions of this report from RKHunter. Thank you.

  0
• 

  bloatedstoat

  • October 28, 2015 20:04

  Thanks Michael, I did just that before submitting the post. Actually I searched for "VAX-order 68K Blit" and that threw up a bunch of results; some relating to malware and another to backdoors on switches. The warning has now gone in the log. I was unable to find any reference to "/dev/.udev/queue.bin" with VAX-order on Google however. Thank you for taking the time to answer this query.

  0
• 

  cPanelMichael

  • November 09, 2015 18:38

  You may need to consult with a qualified system administrator or security expert if you want to have your system examined to determine if it was exploited. Thank you.

  0

Please sign in to leave a comment.