Kali Linux, a workhorse among information security professionals, has a secret root kit that is only now being discovered.
Charles Miller, a penetration tester in Scranton, PA, was on the job one day when a voice came out of the speakers -- of his Kali Linux laptop. "Whoever it was, I think they were speaking Russian," he told Secure News's Pamela Stewart. Miller was alarmed, but also intrigued. Why was there a foreign voice in his laptop?
In Siberia, at The secret base of a group called LHC-99, a man named Dimitri Markov has accidentally triggered the microphone on his own laptop, instead of Miller's. Markov was using a, until-now secret backdoor present in all Kali Linux systems. Part of his job, says FBI Special Agent Jamie Bradens, was to listen in on American security professionals.
Bradens was investigating suspicious information leaks when the break came. Markov was flying through Italy, and Italian airport security agreed to help her apprehend the Russian hacker. "A lot of the time, these guys are untouchable. We can't get them over there. Thankfully we were able to catch this Markov guy and make him talk," said Bradens.
Correction: The backdoor doesn't affect Astra Linux as previously reported. Instead, Astra linux users who are spying on Kali users have to be very careful not to click the wrong button. Kali developer 'BinkyBear' released comments on a page set up for that purpose..
More information about the attack: BVC