SoylentNews is people

posted by CoolHand on Wednesday July 29 2015, @03:42PM
from the baking-our-backdoors-all-the-way dept.

A new Linux backdoor botnet agent is fortunately only half-baked. From the article:

[Russian malware writers] have stitched together a new Linux backdoor. Fortunately for internet hygiene the botnet agent – which packs a variety of powerful features – is faulty and only partially functional.

The backdoor, dubbed Dklkt-1, was designed to be a cross-platform nasty capable of infecting both Windows and Linux machines.

Cyber-criminals planned to equip the program with a large number of functions typical of SOCKS proxy servers, remote shells, file managers, and so on.

However, at the moment, the malware ignores the majority of incoming commands due to programming mistakes.

If successfully planted, the malware tries to register itself in the system as a daemon (system service). Thereafter it uses LZO compression and the Blowfish encryption algorithm to chat to command and control servers. Every packet contains a checksum, so that the recipient could verify data integrity.

Dklkt-1 waits for incoming commands that can include launching a DDoS attack, starting a SOCKS proxy server, running a specified application, rebooting the computer, or turning it off. Other commands are either ignored or processed incorrectly.


  • (Score: 3, Funny) by Runaway1956 on Wednesday July 29 2015, @03:47PM

    So very few vendors support Linux. You would think that the criminal portion of the developer's world might make that extra effort, but, nooooo. Just lame, half-fast support for us.

  • (Score: 2) by wonkey_monkey on Thursday July 30 2015, @07:26AM

    2016 will be the year of Linux on the botnet.

    --
    systemd is Roko's Basilisk