Web Analytics

There is a new Trojan in town and it’s DDoS nightmare

Security researchers at security firm based in Russia, Doctor Web have discovered one more Trojan which targets Linux devices and conducts Distributed Denial of Attacks to the websites. The new malware has been named the Linux.Mirai by the security researchers and they say that the malware works with the SPARC, the ARM, MIPS, SH-4, and the M68K architectures together with the Intel x86 computers.

There is a new Trojan in town and it's DDoS nightmareOne of the important things about the Linux.Mirai malware is that it was previously by the same security company back in May this year. Then, the researchers named it Linux.DDoS.87. It is also said to have some similar features to the Linux.BackDoor.fgt, one of the back doors which were discovered to have infected Linux back in 2014.

However, the Linux.DDoS.87 is known to target the operating system of the Linux devices and then killing the old and existing trojans which might be on the device. The malware avoids deleting itself by creating a file named the .shinigami file, in its folder and routinely checks the file’s presence.

On top of that, the Trojan can connect back the command to control server and gets more instructions as a result. It also enables it to send the MAC address and the architecture of the infected system. The malware stays ready and when it’s commanded to some DDoS attacks, it can start with some attacks such as the UDP flood, the UDP flood over the GRE, DNS flood, HTTP flood and the TCP flood.

The Linux.Mirai also comes packed with some more packages than its predecessors. One of the new and added features is that it can turn off the Linux WatchDog timer, one software component which enables the device to switch off and reset the computer system in case of a fault.

The revelations surely come as a surprise since Linux was once considered to be the most secure of the operating systems out there. Recently, they have become one of the prime targets for the cyber criminals out there.

Some of the recent malware which have been seen to target the Linux operating system include BashLite and the LuaBot malware.