
New DDoS Botnet Infects Windows along with Linux Computers; Poland CERT

According to Poland's Computer Emergency Response Team (CERT), its security researchers recently discovered a new DDoS (distributed denial-of-service) botnet that spreads malware infecting both Linux and Windows computers, softpedia.com reported on December 18, 2013.

The researchers state that the botnet was created solely to carry out DDoS attacks, the majority being DNS amplification attacks. At the time Poland CERT released its report, nearly all anti-virus programs detected the malware targeting Windows computers, whereas only a few AV engines detected the Linux malware. In addition, the Linux malware attempted to connect to the command-and-control (C&C) server through a high Transmission Control Protocol (TCP) port.

The researchers explained that the port and IP address of the C&C server were encrypted. Once the bot became active, it sent information about the operating system unencrypted and then waited for commands from the server, Help Net Security reported on December 18, 2013.

After studying the malicious program, the researchers concluded that the threat could execute 4 kinds of DDoS attacks. It also had other capabilities which had not yet been carried out.

They further found that while the Linux variant of the bot communicated with the C&C server through an Internet Protocol address, the Windows version communicated through a domain name and over a different port. However, both variants used the same command-and-control infrastructure, suggesting that the same group of criminals was behind both, according to Polish CERT's analysis.

Because the malware executed only DDoS attacks, the researchers think the attackers probably focused on compromising machines with a lot of network bandwidth, such as servers. That may also explain the two malware variants: Linux is the preferred OS for server systems.

Meanwhile, similar to the recently detected malicious program targeting Linux, another bot recently came to the notice of Andre DiMino, a George Washington University security researcher who had let attackers hijack his Linux-based honeypot computers. DiMino discovered that the bot was written in Perl, Pcadvisor.co.uk reported on December 18, 2013.

» SPAMfighter News - 12/25/2013
