Chinese Linux Trojan Jumps to Windows

According to Russian anti-malware software house Dr. Web, a Chinese computer Trojan written for Linux OS (operating system) has apparently jumped to Windows.

Dr Web first revealed in May 2014 that the original malicious software known as "Linux.Dnsamp" is a DDOS Trojan, or a Distributed Denial of Service Trojan which transmits between Linux machines. It alters the startup scripts, collects and sends data of machine configuration to the server of the hacker and then run silently and wait for orders.

Now the same computer thugs appear to have ported the computer Trojan to run in Microsoft Windows and dubbed it "Trojan.Dnsamp.1"

The Windows edition gains admission into the operating system pretending as Windows Service Test and its then hoarded in the folder of the system of the tainted machine entitled "vmware-vmx.exe".

The threat is crafted to trigger only if the date of the system is set after 2nd December, 2013 otherwise it remains inactive.

It launches attack with a signal to attackers and then obediently waits for the commands to begin the DDoS attack. Worse, it can download and run other malevolent programs creating bigger problem for the end user.

Itprortal.com published news on 20th August, 2014 quoting the security firm as saying "researchers of Dr. Web discovered certain features in the Trojan's code which indicate that it has been written by the virus makers behind Linux.BackDoor.Gates and Linux.DDoS malware."

Dr. Web also says that they found maximum attacks against Chinese servers by this particular Trojan family during the monitoring period of 5ht June to 13th August, 2014.

In July 2014, well-known Russian security firm Kaspersky identified a comparable DDoS Trojan for Linux which, most interestingly, could conduct DNS (Domain Name System) amplification attacks and not like other Linux Trojans, it had an advanced modular structure.

Dr. Web concluded that although most users of computers are vulnerable to threat of malware everyday but to find a threat on Linux machines is a lot rarer and it is almost unheard of any type of malware to be transferred from one operating system to another operating system as is happening in the above mentioned case.

» SPAMfighter News - 8/29/2014