Record month for Linux Trojans
Posted on 19.05.2014
If you think that you are protected from malware if you use Linux, think again, warn researchers from AV manufacturer Dr. Web, who identified and examined a record-high number of Trojans for Linux this month - and the month isn't over yet.

According to the researchers, the different variants of three distinct Trojans they found seem all to have been created by the same person.

Most of these Trojans are created to carry out DDoS attacks via a number of protocols and requests - they are capable of launching SYN, UDP, TCP and ping flooding, as well as of mounting DNS and NTP amplification attacks.

There are variants that target Linux ARM distributions, others that infect servers and desktops running 32-bit versions of Ubuntu and CentOS, others still that target 64-bit versions of Linux.

Once on a target machine, the Trojans first make sure that they will be started automatically each time the machine is rebooted, then they collect information about the system's hardware and software (CPU model, available memory, OS version, etc.).

The information is then sent in encrypted from to the remote C&C server, from which the malware then receives commands on what to do next, i.e. which target to attack, and updates.

"The command servers facilitating control over the Trojans are located mainly in the territory of China, and the corresponding DDoS attacks are directed mainly against Chinese websites," they noted. Infected Linux machines, on the other hand, are not located only in China, so be careful.









Spotlight

People will do anything for free Wi-Fi

Posted on 30 September 2014.  |  A new Wi-Fi investigation conducted on the streets of London shows that consumers carelessly use public Wi-Fi without regard for their personal privacy.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Wed, Oct 1st
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //