Cerez is a LD_PRELOAD
Cerez is a LD_PRELOAD rootkit, it consists of two parts, a backdoor (written in python) and a loader (written in c). Loader is a SO binary that gets installed into /lib and writes its path into /etc/ld.so.preload, this way every binary on the system preloads it. By overwriting system functions like fopen, readdir, access and…
You must be logged in to post a comment.