Java Bot Attacks Any OS

Tuesday, February 4, 2014 @ 08:02 AM gHale


There is a malicious Java application brewing designed to launch distributed denial-of-service (DDoS) attacks from infected computers across any platform.

Whether it is running Windows, Linux or a Mac, it has the capability to do burrow in and continue causing problems.

RELATED STORIES
Trojan Slowed, but not Gone
Trojan Remains a Danger After Deleted
Fake Ads on the Attack
Europe Hit by Yahoo Hack

The developers of this malware (HEUR:Backdoor.Java.Agent.a.) used the Zelix Klassmaster obfuscator to prevent researchers from analyzing the threat, and security solutions from detecting it, said researchers at Kaspersky Lab.

When it infects a computer, depending on the operating system, it performs certain actions to ensure that it will launch on the next startup. In Windows, it modifies registries, while on Mac OS devices, it uses the “launchd” service. On Linux machines, it adds itself to /etc/init.d/, the researchers said.

Once it finds a place to burrow in, the bot starts communicating with its master via the IRC protocol.

The malware is capable of launching HTTP and UDP flood attacks. Attackers send a command via IRC specifying the targeted IP address, the port number, the duration of the attack, and the number of threads that should end up used.

The Java bot has the capability to attack a bulk email service, researchers said.



Leave a Reply

You must be logged in to post a comment.