Several thousand Linux devices have been infected with a new Linux-based trojan, Russian security software firm Doctor Web warns.
The Linux-Proxy-10 Trojan infects network devices running Linux, turning them into a platform for cybercrime that allows crooks to remain anonymous online. Black hats run freeware code called the Satanic Socks Server on infected devices.
Miscreants hack into devices that are running with default passwords or are already infected with Linux malware in order to plant the malware.
Back in 2004, the Sasser worm removed infections caused by the MyDoom mass mailer worm on compromised systems. This kind of red-on-red action is messy and chaotic.
Last year’s Mirai worm showed the carnage that could result from abusing compromised IoT systems. The appearance of a new trojan that – like Mirai – takes advantage of default user credentials to infect IoT devices is therefore bad enough, without considering the possibility of more strains of malware capable of easily spreading onto already hacked devices.
Source: https://www.theregister.co.uk/2017/01/25/linux_proxy_10_trojan/
Submitted by: Arnfried Walbrecht
Comments are closed.