Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- The clients called "Badlion", and "Lunar" are both malicious kernel-mode rootkits, disguised as an anti-cheat PvP client. A quick google search of phrases like "badlion ring 0", or "badlion rootkit" will bring up countless results of this being discussed. If you would like irrefutable proof, simply inspecting it via commandline will clearly showcase it: <https://i.imgur.com/KcZ6480.png>
- Further reading about the general information of what a rootkit and kernel mode is: <https://en.wikipedia.org/wiki/Rootkit>
- > *A rootkit is a collection of computer software, typically malicious, designed to enable access to a computer or an area of its software that is not otherwise allowed and often masks its existence.*
- > *Kernel-mode rootkits run with the highest operating system privileges (Ring 0) by adding code or replacing portions of the core operating system, including both the kernel and associated device drivers.*
- https://i.imgur.com/sVfVSBL.png
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
