Linux-powered botnet launches a 150Gbps DDoS attack
2015-10-01 15:51 by Daniela
Tags: Linux, XOR DDoS, malware
A new Trojan, called XOR DDoS, has been spotted in the wild. It was first discovered in September 2014, but now researchers at Akamai Technologies are warning that this Trojan can create a Linux botnet capable of launching distributed denial-of-service (DDoS) attacks at more than 150 Gbps, which is many times more than the typical company's infrastructure would be able to withstand.
The malware targets poorly configured Linux systems. Among them are embedded devices such as network-attached storage devices and Wi-Fi routers. After gaining SSH (secure shell) access to these machines, the Trojan downloads a small piece of botnet software, turning the system into yet another node in the botnet that can do the same to other machines.
The company has mentioned the malware in its latest "State of the Internet" report, assigning the threat a risk factor of "high."
"A decade ago, Linux was seen as the more secure alternative to Windows environments, which suffered the lion's share of attacks at the time, and companies increasingly adopted Linux as part of their security-hardening efforts," the Akamai team said. "As the number of Linux environments has grown, the potential opportunity and rewards for criminals has also grown. Attackers will continue to evolve their tactics and tools and security professionals should continue to harden their Linux based systems accordingly."