Symantec Discovers Darlloz, a Linux-Based Worm

Security company Symantec has found a new Linux-based worm that researchers have named Darlloz. The malware infects computers and potentially other Internet-connected devices, particularly security cameras, set-top boxes, routers and industrial control servers that run the Linux operating system.

Security researchers found that the worm spreads by exploiting a PHP security flaw for which a patch was issued in May 2012. To create Darlloz, the malware author used a proof-of-concept that became public in October 2013.

According to Kaoru Hayashi, a researcher with Symantec, Darlloz has been categorized as low-risk malware, partly because its current variant attacks only devices that use CPUs designed by Intel, Arstechnica.com reported on November 28, 2013.

However, with slight modification the malware could start using variants that incorporate existing ELF (executable and linkable format) files, which would infect even more Internet-connected systems, such as those running chips made by major companies other than Intel.

Hayashi explains that when the worm becomes active on an infected device, it generates random Internet Protocol (IP) addresses, accesses a specific path on the device using commonly used IDs and passwords, and sends HTTP POST requests that exploit the flaw. If the target system is not patched, it downloads the malware, which then begins hunting for its next targets, the researcher adds, as Computerworld.com reported on November 27, 2013.

Symantec researchers stated that many end users might not know they were using vulnerable devices at work and at home. A further problem was that even where end users were aware of vulnerable systems, security vendors had not supplied updates for certain products, possibly because of hardware constraints or outdated technology, such as insufficient memory or a CPU too slow to support new versions of the applications.

To stay safe from Darlloz, Symantec therefore advises end users to check every device that is connected online, keep its software up to date, keep the security software deployed on their systems up to date, strengthen system passwords, and finally block inbound HTTP POST requests to certain specific paths.
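As an added example (not from Symantec or the original article), the Python sketch below audits a web server access log for inbound POST requests to blocked paths, normalising each request path first so that encoded or padded variants of the same path are still matched. The entries in BLOCKED_PATHS are placeholders, since the article does not list the paths Symantec names, and the log lines are constructed samples in common log format.

```python
import re
from posixpath import normpath
from urllib.parse import unquote

# Placeholders: the article does not list the paths, so these are made up.
BLOCKED_PATHS = {"/placeholder/blocked-path-1", "/placeholder/blocked-path-2"}

# Common log format: ip ident user [time] "METHOD target PROTO" status size
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3})'
)

def canonical_path(target):
    """Drop the query string, decode %-escapes once, collapse //, ./ and ../."""
    path = unquote(target.split("?", 1)[0])
    return normpath("/" + path.lstrip("/"))

def flagged_posts(lines):
    """Return (client_ip, canonical_path, status) for POSTs to blocked paths."""
    hits = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m or m["method"] != "POST":
            continue
        path = canonical_path(m["target"])
        if path in BLOCKED_PATHS:
            hits.append((m["ip"], path, int(m["status"])))
    return hits

def reached_server(hits):
    """Hits answered with a non-error status, i.e. the block did not apply."""
    return [h for h in hits if h[2] < 400]

# Constructed sample lines (documentation IP ranges), not real traffic.
SAMPLE_LOG = [
    '192.0.2.10 - - [06/Dec/2013:10:00:01 +0000] "POST /placeholder/blocked-path-1 HTTP/1.1" 403 199',
    '198.51.100.7 - - [06/Dec/2013:10:00:02 +0000] "POST //placeholder/./blocked%2Dpath-1?x=1 HTTP/1.1" 200 512',
    '203.0.113.5 - - [06/Dec/2013:10:00:03 +0000] "GET /placeholder/blocked-path-1 HTTP/1.1" 200 512',
    '203.0.113.5 - - [06/Dec/2013:10:00:04 +0000] "POST /login HTTP/1.1" 200 512',
]

if __name__ == "__main__":
    hits = flagged_posts(SAMPLE_LOG)
    for ip, path, status in hits:
        print(f"{ip} POST {path} -> {status}")
    print("not blocked:", reached_server(hits))
```

A hit with a non-error status, like the second sample line, means a filter that compares the raw request string let an equivalent form of a blocked path through.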

» SPAMfighter News - 12/6/2013
