A new backdoor for Linux has been spotted by security researchers, one which can download malicious files to an infected system, log keystrokes and take screenshots.
Researchers from security firm Doctor Web said they had spotted a new multipurpose Trojan designed to infect Linux machines, which they called Linux.BackDoor.Xunpes.1.
The Xunpes 1 consists of a dropper and the backdoor. The dropper is made with Lazarus, a free cross-platform IDE for the Free Pascal compiler. Once run, it displays the window pictured in the image above, and contains the backdoor – the second part of the Trojan.
The second part then installs itself and opens up a connection so that the attackers have access to the infected machine. According to security researchers, this program can do a lot of things:
“In total, Linux.BackDoor.Xunpes.1 is capable to execute more than 40 commands,” the researchers say in a report.
Submitted by: Arnfried Walbrecht