Перейти к содержимому


Фото
- - - - -

"Doctor Web" explored Linux-Trojan written in Rust


  • Please log in to reply
1 ответов в теме

#1 Mr.Pr

Mr.Pr

    Member

  • Posters
  • 267 Сообщений:

Отправлено 08 Сентябрь 2016 - 16:00

September 8, 2016

 

Virus analysts the company "Doctor Web" explored new Linux-Trojan, received the name Linux.BackDoor.Irc.16. Its peculiarity lies in the fact that it is written in the language of Rust - before analysts have not seen the Trojans created with this technology.

Linux.BackDoor.Irc.16 It is a backdoor - this malware executes commands received from intruders. To retrieve the Trojan uses the IRC protocol text messaging (Internet Relay Chat). By connecting to a predetermined configuration in its public chat channel, Linux.BackDoor.Irc.16 expects to control messages.

 

linux_backdoor_irc16.1.png

 

The Trojan is able to perform only four teams - join a specified chat channel, cybercriminals send information about the infected computer to send data about running applications in the system or remove itself from infected machines.

Linux.BackDoor.Irc.16 different from other IRC-bots that this Trojan is written in the language of Rust. Rust - a programming language, an organization sponsored by the Mozilla Research, the first stable version of which appeared recently, in 2015. The Trojan is a cross-platform: to run it on Windows, virus writers simply recompile the malicious program. Virus analysts of "Doctor Web" suggest that Linux.BackDoor.Irc.16 is created by someone prototype (Proof of Concept), as it does not contain any self-propagation mechanisms, and IRC-channel through which a Trojan receives commands, there is currently no activity.

signature Linux.BackDoor.Irc.16 added to the virus database Dr.Web, so it does not pose a risk to our users.

 

More about Trojans

 

 

Sources:

 

Russian : http://news.drweb.ru/show/?i=10193&lng=ru&c=5

English : as soon as possible!

 


“The security industry in that case becomes bullshit, because people believe in those products and use them in their corporate environments without understanding that those products are just following others,”  - Boris Sharov

 

DrWeb Gallery for your Avatars: Click

My Telegram ID: @Parhamx

 

Best Regards,

Parham


#2 Mr.Pr

Mr.Pr

    Member

  • Posters
  • 267 Сообщений:

Отправлено 09 Сентябрь 2016 - 11:46

English Source : http://news.drweb.com/show/?i=10193&c=5&lng=en&p=0


“The security industry in that case becomes bullshit, because people believe in those products and use them in their corporate environments without understanding that those products are just following others,”  - Boris Sharov

 

DrWeb Gallery for your Avatars: Click

My Telegram ID: @Parhamx

 

Best Regards,

Parham



Читают тему: 0

0 пользователей, 0 гостей, 0 скрытых