Threat Intelligence Report

Hooked on Linux: Rootkit Taxonomy, Hooking Techniques and Tradecraft — Elastic Security Labs

📅 March 4, 2026 📰 www.elastic.co 🔍 1 CVE(s) referenced

This report reveals how Linux rootkits have rapidly evolved from basic userland hijacking to sophisticated kernel-level implants using eBPF and io_uring, employing increasingly advanced hooking techniques to evade detection and maintain stealthy persistence in modern infrastructure.

vendor

CVE-2022-0847

🔐 Sign In to Read Full Report

You'll need to accept our Terms of Service to access the platform.

📊 Visual Mindmap

🎯 IOC Extraction

⚔️ MITRE ATT&CK TTPs

📦 STIX 2.1 Bundle