Don
Linux Worm Targeting Hidden Devices
Created: 27 Nov 2013 11:53:48 GMT | Translations available: 日本語
Symantec has discovered a new Linux worm that appears to be engineered to target the “Internet of things”. The worm is capable of attacking a range of small, Internet-enabled devices in addition to traditional computers. Variants exist for chip architectures usually found in devices such as home routers, set-top boxes and security cameras. Although no attacks against these devices have been found in the wild, many users may not realize they are at risk, since they are unaware they own devices that run Linux.
The worm, Linux.Darlloz, exploits a PHP vulnerability to propagate itself in the wild. The worm utilizes the PHP 'php-cgi' Information Disclosure Vulnerability (CVE-2012-1823), which is an old vulnerability that was patched in May 2012. The attacker recently created the worm based on the Proof of Concept (PoC) code released in late Oct 2013.
Upon execution, the worm generates IP addresses randomly, accesses a specific path on the machine with well-known ID and passwords, and sends HTTP POST requests, which exploit the vulnerability. If the target is unpatched, it downloads the worm from a malicious server and starts searching for its next target. Currently, the worm seems to infect only Intel x86 systems, because the downloaded URL in the exploit code is hard-coded to the ELF binary for Intel architecturesRead More...
http://www.symantec.com/connect/blogs/linux-worm-targeting-hidden-devices
Linux Worm Targeting Hidden Devices
- Beware of new worm targeting Linux PCs – Symantec | SciTech | GMA News Online
- Linux Worm Targeting Hidden Devices | Symantec Connect Community
- Linux.Darlloz | Symantec
- Virus info Linux and Windows
- Antivirus scan for 5cb14d0745d7b09bcbeba3114cc06c5f at UTC - VirusTotal
- avast! blog » Linux Trojan “Hand of Thief” ungloved
- avast! Linux Home Edition
- best security list 2013 - Search on DonsDeals Blog
- Best Security List - Google Custom Search on DonsDeals Blog
- best secutriy list - Google Custom Search on DonsDeals Blog
- Clam AntiVirus
- Clam AntiVirus
- ClamWin CD/USB - HowTo
- Comodo - Google Search
- Computer worm - Wikipedia, the free encyclopedia
- crafted.win32file.ols - Google Search
- CrowdStrike: HTTP iframe Injecting Linux Rootkit
- DonsDeals: Avast! AntiVirus For Both Window and Linux Home Edition
- DonsDeals: BBC NEWS | Programmes | Click | BBC team exposes cyber crime risk
- DonsDeals: Best Free Rootkit Scanner/Remover
- DonsDeals: Conficker Worm Called An Epidemic
- DonsDeals: CrowdStrike - HTTP iframe Injecting Linux Rootkit (Vrius info)
- DonsDeals: Download Comodo System-Cleaner
- DonsDeals: Facebook Users Targeted By Fake Virus Alert
- DonsDeals: Firewall & Antivirus Software Suite - Internet Security | Comodo
- DonsDeals: Free Agent: Linux Firewalls and Antivirus--Needed or Not? - PCWorld
- DonsDeals: Free Desktop PC Security - Free Downloads Keep your PC Safe | Comodo
- DonsDeals: Immunet v2 update on the way: adds multi-engine malware and virus scanning to cloud-powered core
- DonsDeals: Jotti's malware scan
- DonsDeals: Linux users be Aware of this Trojan - Hand of Thief malware could be dangerous (if you install it) - TechRepublic
- DonsDeals: M86 Security Finds URL Filters Anti Virus Scanners Ineffective
- DonsDeals: New Kneber Botnet Tied To 75 000 Systems
- DonsDeals: PC Hell: Free RootKit Removal Tools and Software
- DonsDeals: Privacy = Security and Security = Privacy...
- DonsDeals: Probably the best free security list in the world
- DonsDeals: Probably the Best Free Security List in the World
- DonsDeals: Probably the Best Free Security List in the World - Updated 28. August 2012
- DonsDeals: Re: Viruses now penetrating deeper | Tech News on ZDNet
- DonsDeals: Setting up Avast Antivirus to Protect your Windows PC...
- DonsDeals: TDL4 MBR Rootkit Virus Alureon TDSS Removal by Britec - YouTube
- DonsDeals: The first Linux botnet? | ITworld
- DonsDeals: There are Viruses, Trojans, Worms and Rootkits, that can infect a Linux OS
- DonsDeals: Trinityhome : New TRK 3.4: easier than ever before
- DonsDeals: Updated Conficker Ropes Victims into Rogue Antivirus Scam
- DonsDeals: VirSCAN.org - Free Multi-Engine Online Virus Scanner v1.02, Supports 37 AntiVirus Engines!
- Download Enhanced Mitigation Experience Toolkit 4.1 from Official Microsoft Download Center
- Download RogueKiller (Official website)
- Download System-Cleaner
- Firewall & Antivirus Software Suite - Internet Security | Comodo
- Free Antivirus for Windows - Open source GPL virus scanner
- Google Translate - http://www.chkrootkit.org/download.htm
- Hand of a Thief malware targets Linux users’ bank accounts | Apps and Software | Geek.com
- Hand of Thief malware could be dangerous (if you install it) - TechRepublic
- How to Detect Rootkits on a Computer | eHow.com
- Jotti's malware scan
- KlamAV
- KlamAV - ClamAV for KDE | Free Development software downloads at SourceForge.net
- klamav - Google Search
- KlamAV GUI Screen Animation
- Linux Today - Hand of a Thief malware targets Linux users' bank accounts
- Linux Virus - Google Custom Search on DonsDeals Blog
- Lynis
- 'Neverquest' trojan threatens online banking users - Computerworld
- New Linux Rootkit Emerges | threatpost
- News | VirusBlokAda
- Online banking faces a new threat - Securelist
- online virus scan file upload - Google Search
- Powerful Free Microsoft Security Tool EMET has Been Updated
- Probably the Best Free Security List in the World
- Remote PC through VPN Access - Secure Remote Access | Comodo
- remove sasser virus - Google Search
- remove sasser virus - Google Search
- RogueKiller - CNET Download.com
- rootkits computer - Google Search
- Rootkit - Wikipedia, the free encyclopedia
- Search results for Gizmo's Freeware website
- The Rootkit Hunter project
- trinity - Google Search
- Trojan horse (computing) - Wikipedia, the free encyclopedia
- trojans computer - Google Search
- Trojans - Google Search
- trojan.tdss-7762 - Google Search
- Trojan - Trojans and Viruses in Computer Networking
- Unhide homepage - Welcome
- VirSCAN.org - Free Multi-Engine Online Virus Scanner v1.02, Supports 36 AntiVirus Engines!
- VirusTotal - Free Online Virus, Malware and URL Scanner
- wine gecko - Google Search
- WinPlanet Downloads for Windows Desktop Utilities
- worms computer - Google Search
No comments:
Post a Comment