Hey you,

35,000 ransomware infections per month and you still believe you are protected?

Sign up to receive:

  • alerts
  • news
  • free how-to-remove guides

of the newest online threats - directly to your inbox:

Linux.Mirai Trojan Carries Out DDoS Attacks


Linux.Mirai is a new Trojan recently found to be at fault for DdoS attacks. The malware was first registered in May, 2016, when it was detected by Dr. Web. Back then, it was added to the company’s virus databases under the name Linux.DDoS.87. The Trojan is compatible with SPARC, ARM, MIPS, SH-4, M68K architectures and Intel x86 computers.

Related: Linux.PNScan Malware Brute-Forces Linux-Based Routers

The malicious program first appeared in May 2016, detected by Doctor Web after being added to its virus database under the name Linux.DDoS.87. The Trojan can work with with the SPARC, ARM, MIPS, SH-4, M68K architectures and Intel x86 computers.

Linux.Mirai searches the memory for the processes of other Trojans and terminates them upon its launch. The Trojan then creates a .shinigami file in its folder and verifies its presence regularly to bypass terminating itself. The malware is also designed to connect to a command & control server for further instructions.

If any instructions say so, the Trojan can launch UDP flood, UDP flood over GRE, DNS flood, TCP flood (several types), and HTTP flood DDoS attacks, SC Magazine reports.

Dr. Web researchers recommend users to run a full scan of all disk partitions to prevent the Trojan from infecting them.

Milena Dimitrova

An inspired writer, focused on user privacy and malicious software. Enjoys 'Mr. Robot' and fears '1984'.

More Posts - Website

Share on Facebook Share
Share on Twitter Tweet
Share on Google Plus Share
Share on Linkedin Share
Share on Digg Share
Share on Reddit Share
Share on Stumbleupon Share
Please wait...

Subscribe to our newsletter

Want to be notified when our article is published? Enter your email address and name below to be the first to know.