Stealthy 'XOR.DDoS' trojan infects Linux systems, installs rootkit

  • 8 January 2015

Ashley Carman, Editorial Assistant  January 07, 2015
 
The newly discovered 'XOR.DDoS' trojan infects Linux systems to possibly build an army of devices to be used in distributed denial-of-service (DDoS) attacks.
A newly discovered trojan is infecting Linux systems and possibly building up an arsenal of devices to be used in distributed denial-of-service (DDoS) attacks, according to a blog post from Avast.
The new threat, XOR.DDoS, alters its installation depending on the victim's Linux environment and then later runs a rootkit to avoid detection. Although a similar trojan has been spotted in Windows systems, Peter Kálnai, malware analyst at Avast, said in a Wednesday interview with SCMagazine.com that this trojan ventures into relatively untapped territory by targeting Linux systems.
“It's very hard to set a rootkit component within a Linux boundary because it needs to agree with the versions of the victims' operating systems,” Kálnai said.
 

1 reply

An update on the previous article.
 
February 6, 2015  By Lucian Constantin
 
The malware, known as XOR.DDoS, was first spotted in September by security research outfit Malware Must Die. However, it has since evolved and new versions were seen in the wild as recently as Jan. 20, according to a new report Thursday from security firm FireEye, which analyzed the threat in detail.
 
XOR.DDoS is installed on targeted systems via SSH (Secure Shell) brute-force attacks launched primarily from Internet Protocol (IP) addresses registered to a Hong Kong-based company called Hee Thai Limited.
 
 
