
Botnet Malware Found Contaminating Linux, Mac OS X and Windows Systems, Reports Kaspersky

Penetration testing experts at Kaspersky recently discovered botnet malware designed to infect computers running Windows, Linux or Mac OS X, where the devices also run Oracle's Java software.

Kaspersky named this cross-platform malicious program 'HEUR:Backdoor.Java.Agent.a'. The program primarily exploits CVE-2013-2465 to compromise the computer. The security flaw exists in Java u21 as well as its earlier editions.

To work, the bot first infects the PC and copies itself into the system's 'autostart' folders to make sure it becomes active whenever the system starts. Subsequently, the PC connects to an online chat channel, which works as the central command-and-control server for issuing instructions.

Kaspersky explains that once the bot has been installed and executed at system boot, the malware reports to its owners. So that each bot can be identified, a distinct bot identifier is generated on every host computer. This identifier is stored in a jsuid.dat file within the end-user's home directory, says Kaspersky. Theinquirer.net published this on February 4, 2014.
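A triage sweep for the two host artefacts described above (the jsuid.dat identifier file and a Java archive started from an autostart folder), as an added example that is not from Kaspersky or the original article. The autostart paths, function names and the sample tree are assumptions constructed for illustration.

```python
import tempfile
from pathlib import Path

MARKER = "jsuid.dat"  # bot-identifier file the article places in the home directory
# Assumption: generic per-user autostart folders (the article names no paths).
AUTOSTART_DIRS = (
    ".config/autostart",                                              # Linux desktop
    "Library/LaunchAgents",                                           # Mac OS X
    "AppData/Roaming/Microsoft/Windows/Start Menu/Programs/Startup",  # Windows
)

def triage_home(home):
    """Return (kind, path) findings for one home directory."""
    home, findings = Path(home), []
    if (home / MARKER).is_file():
        findings.append(("bot-id-file", home / MARKER))
    for folder in (home / rel for rel in AUTOSTART_DIRS):
        if not folder.is_dir():
            continue
        for entry in sorted(e for e in folder.iterdir() if e.is_file()):
            if entry.suffix.lower() == ".jar":        # archive dropped directly
                findings.append(("autostart-jar", entry))
                continue
            try:  # text launcher (.desktop, .plist) that starts a .jar
                text = entry.read_bytes()[:65536].decode("utf-8", "replace")
            except OSError:
                continue                              # unreadable: keep sweeping
            if ".jar" in text.lower():
                findings.append(("autostart-references-jar", entry))
    return findings

def triage_all(homes_root):
    """Sweep each home under homes_root (e.g. /home or /Users)."""
    hits = {h.name: triage_home(h) for h in sorted(Path(homes_root).iterdir()) if h.is_dir()}
    return {user: found for user, found in hits.items() if found}

def build_sample(root):
    """Constructed sample tree: 'alice' is clean, 'bob' has both artefacts."""
    for user, line in (("alice", "Exec=gedit\n"), ("bob", "Exec=java -jar /tmp/x.jar\n")):
        auto = Path(root) / user / ".config" / "autostart"
        auto.mkdir(parents=True)
        (auto / "start.desktop").write_text(line)
    (Path(root) / "bob" / MARKER).write_text("constructed-id\n")
    return root

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        for user, found in triage_all(build_sample(tmp)).items():
            print(user, [(kind, path.name) for kind, path in found])
```

A hit is a lead for further analysis rather than a verdict: legitimate Java applications also start from these folders, and binary Windows shortcuts are not parsed here.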

It may be mentioned that the attackers use the botnet to carry out distributed denial-of-service (DDoS) attacks against devices they choose to target. They transmit instructions over the Internet Relay Chat (IRC) platform, specifying which Internet Protocol (IP) address and port number should be targeted, as well as the duration and intensity of the attack.

The malware is written entirely in Java so that it can run on Linux, Mac OS X and Windows systems. To achieve greater flexibility, it includes PircBot, a Java-based Internet Relay Chat programming interface.

Kaspersky notes that the malware is made harder to detect and analyze through the use of an obfuscator named Zelix Klassmaster.

This obfuscator, besides masking the bytecode, encrypts strings. A separate key is generated for encrypting each class, meaning that the strings in the software can be decrypted only after analyzing the classes for their decryption keys, says Kaspersky. Efytimes.com published this on February 4, 2014.

» SPAMfighter News - 2/10/2014
