Hi, I recently did several scans on my linux system. One of the things that concerned me was that chkrootkit discovered possible Windigo installed which I understand is a backdoor. The reason for my concerns are the other night I was on a chat which I didn't realize until later it used P2P feeds and lots of people have been known to try and hack people on that chat. However when I was on it I had Firewall enabled and was using PureVPN.
I checked for vulnerable ports to see if they were open and they were not unless I'm mistaken. Iam wondering if the only possible way the windigo got installed would be knowing an ip and then exploiting a vulnerable port unless of course it was a false positive.
I have asked on other sites but they were'nt able to really answer these questions.