Discovery Date: Sometime in 2002 from a Honeynet system
Length: 205108
MD5sum: 1d726de4f7fe7e580c8fad4b3e4703f6
Type: Backdoor
OS: Linux

the-binary combines the function of

A hacker can use it to execute commands remotely as root (administrator under Linux) and launch a DoS attack against other servers.

Method of infection

A hacker using the administrator account (root) on a Linux machine has executed the program.

Removal instructions

To stop it, run the command kill -9 pid_of_false_mingetty as root, or restart the machine. If this binary is part of a rootkit, extra operations may be needed.

Symptoms

This program runs as root and hides under the name [mingetty]. On most systems, you can see the real mingetty program as /sbin/mingetty.

The Denial of Service attacks can slow down your network connection.
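
An added example (not part of the original advisory): shell functions that locate the pid_of_false_mingetty needed for the removal step, using the symptom described above, and compare a file against the MD5sum listed on this page. The function names, the ps column layout and the sample process list are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example; names and sample data are constructed for illustration.

# MD5 of the-binary as listed in this advisory.
KNOWN_MD5="1d726de4f7fe7e580c8fad4b3e4703f6"

# Constructed sample of `ps -eo pid,user,args` output (not real data).
SAMPLE_PS='  PID USER     COMMAND
    1 root     init [3]
  812 root     /sbin/mingetty tty1
  813 root     /sbin/mingetty tty2
 1437 root     [mingetty]
 1502 root     [mingetty] <defunct>
 2001 alice    -bash'

# Read ps output (pid, user, args) on stdin and print the PIDs of root
# processes whose whole command line is the bare name "[mingetty]".
# The real program shows its path and a tty argument; an exited
# mingetty awaiting reaping shows "<defunct>" and is skipped (NF == 3).
find_false_mingetty() {
    awk 'NR > 1 && NF == 3 && $2 == "root" && $3 == "[mingetty]" { print $1 }'
}

# Return 0 if the file's MD5 equals the advisory's value.
# For a live process, pass /proc/<pid>/exe (needs root).
is_known_sample() {
    sum=$(md5sum "$1" 2>/dev/null | awk '{ print $1 }')
    [ "$sum" = "$KNOWN_MD5" ]
}

# Live use, as root:
#   ps -eo pid,user,args | find_false_mingetty
# Here the constructed sample is scanned instead.
printf '%s\n' "$SAMPLE_PS" | find_false_mingetty
```

A PID printed by find_false_mingetty is the value to substitute for pid_of_false_mingetty in the removal command.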