Record month for Linux Trojans
Posted on 19.05.2014
If you think that you are protected from malware if you use Linux, think again, warn researchers from AV manufacturer Dr. Web, who identified and examined a record-high number of Trojans for Linux this month - and the month isn't over yet.

According to the researchers, the different variants of three distinct Trojans they found seem all to have been created by the same person.

Most of these Trojans are created to carry out DDoS attacks via a number of protocols and requests - they are capable of launching SYN, UDP, TCP and ping flooding, as well as of mounting DNS and NTP amplification attacks.

There are variants that target Linux ARM distributions, others that infect servers and desktops running 32-bit versions of Ubuntu and CentOS, others still that target 64-bit versions of Linux.

Once on a target machine, the Trojans first make sure that they will be started automatically each time the machine is rebooted, then they collect information about the system's hardware and software (CPU model, available memory, OS version, etc.).

The information is then sent in encrypted from to the remote C&C server, from which the malware then receives commands on what to do next, i.e. which target to attack, and updates.

"The command servers facilitating control over the Trojans are located mainly in the territory of China, and the corresponding DDoS attacks are directed mainly against Chinese websites," they noted. Infected Linux machines, on the other hand, are not located only in China, so be careful.









Spotlight

The synergy of hackers and tools at the Black Hat Arsenal

Posted on 27 August 2014.  |  Tucked away from the glamour of the vendor booths and the large presentation rooms filled with rockstar sessions, was the Arsenal - a place where developers were able to present their security tools and grow their community.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Fri, Aug 29th
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //