Interesting stuff... However, I don't think that most of us are affected, since "Aeris" targets Debian 7 based distributions, along with some others. I use Linux Mint 18.2, based on Debian stretch/sid - that is Debian 9...
It's important to read the comments at the bottom of the page. The posters there are reiterating the same words as the posts here. The best reply was the last post over there. "It didn't work 20 years ago. Why would it work now?"
It seems WikiLeaks has no more real stuff worth to leak and tries to attract attention anyway. Aeris is a part of project Imperial and quite outdated already. There is no details about an exploit / vulnerability and info HOW to infect the target. For me it's just like a brief manual of an application which can perform some communications once it's locally installed. Things would change if 'other hackers' would pick up the sources and use them to make recent malware out of it just some did with wannacry from the EternalBlue project. But the big difference is there is no word about getting benefit of a vulnerability.
Sad but true. There will come a time when they will have no credibility at all, and become nothing but a click-bait site.
And what then is an implant, is it a virus or a rootkit? How does it behave or what will be the symptoms of an infected unit?
Anything written in C has to be compiled (i.e. binary)... any binary has to be initiated by the OS... any initiation has to be through root ... any root requirement has to be by the user (password) I can't see how this can be automated to send data across a network...without user ignorance (i.e willingly running it). PS: to answer your question... No, it's not a virus or rootkit... it's a "listener" which sends (like in steals) info to a server.. it's just there are uninformed/sensationalist sites comparing it (due to WannaCry)
So that's just what it is. Thanks . Now I can continue reading the other interesting long threads in this MDL forums, with my linux box relieve of paranoia !
Yes it is... please tell me how this will become a WannaCry? given the differences between Admin (an inheritance from Trusted Installer) and Root