Your new post is loading...
A malware program designed for Linux systems, including embedded devices with ARM architecture, uses a sophisticated kernel rootkit that’s custom built for each infection.
The malware, known as XOR.DDoS, was first spotted in September by security research outfit Malware Must Die. However, it has since evolved and new versions were seen in the wild as recently as Jan. 20, according to a new report Thursday from security firm FireEye, which analyzed the threat in detail.
XOR.DDoS is installed on targeted systems via SSH (Secure Shell) brute-force attacks launched primarily from Internet Protocol (IP) addresses registered to a Hong Kong-based company called Hee Thai Limited.
The attacks attempt to guess the password for the root account by using different dictionary-based techniques and password lists from past data breaches. FireEye observed well over 20,000 SSH login attempts per targeted server within a 24-hour period and more than 1 million per server between mid-November and end of January.
Learn more:
- http://www.scoop.it/t/securite-pc-et-internet/?tag=Linux
Learn more:
- http://www.scoop.it/t/securite-pc-et-internet/?tag=Linux