Linux.Mirai is a new Trojan recently found to be at fault for DdoS attacks. The malware was first registered in May, 2016, when it was detected by Dr. Web. Back then, it was added to the company’s virus databases under the name Linux.DDoS.87. The Trojan is compatible with SPARC, ARM, MIPS, SH-4, M68K architectures and Intel x86 computers.
The malicious program first appeared in May 2016, detected by Doctor Web after being added to its virus database under the name Linux.DDoS.87. The Trojan can work with with the SPARC, ARM, MIPS, SH-4, M68K architectures and Intel x86 computers.
Linux.Mirai searches the memory for the processes of other Trojans and terminates them upon its launch. The Trojan then creates a .shinigami file in its folder and verifies its presence regularly to bypass terminating itself. The malware is also designed to connect to a command & control server for further instructions.
If any instructions say so, the Trojan can launch UDP flood, UDP flood over GRE, DNS flood, TCP flood (several types), and HTTP flood DDoS attacks, SC Magazine reports.
Dr. Web researchers recommend users to run a full scan of all disk partitions to prevent the Trojan from infecting them.
Milena Dimitrova
An inspired writer and content manager who has been with SensorsTechForum since the project started. A professional with 10+ years of experience in creating engaging content. Focused on user privacy and malware development, she strongly believes in a world where cybersecurity plays a central role. If common sense makes no sense, she will be there to take notes. Those notes may later turn into articles! Follow Milena @Milenyim
Follow Me: