Linux rootkit hacker suspect arrested in UK

A 21-year old from Surbiton, Surrey has been arrested on suspicion of writing and distributing the T0rn rootkit, which dumbs down the process of hacking Linux servers.

Officers from Scotland Yard's Computer Crime Unit arrested the man for alleged offences under Computer Misuse Act 1990 earlier this week, as part of a joint FBI/Scotland Yard investigation into the creation of the T0rn rootkit. A search warrant was served and computer equipment seized from his house.

Today the man was released on police bail until October pending further inquiries.

The T0rn rootkit has been a hazard for system admins since its creation two years ago, most particularly when the rootkit was bundled as the backdoor component of the Lion worm, released in the middle of last year.

Lion, which attacked vulnerable Linux BIND (DNS) servers, was a particularly nasty little package. It left infected victims with no choice but to re-format their entire systems and rebuild from scratch.

TOrn is explained in greater detail here. ®