Researchers security discovered a malicious Java application designed to perform DDOS (distributed denial-of-service) attacks from the infected computers. Interestingly, the malicious application, written in Java, can run on Windows, Linux and Mac OS computers.
According to Kaspersky, malware developers (EUR:Backdoor.Java.Agent.a.) used it Zelix Klassmaster Obfuscator to prevent researchers from analyzing malware, and security applications to detect it.
When it infects one computer, ανάλογα με το λειτουργικό σύστημα, εκτελεί ορισμένες ενέργειες για να διασφαλίσει ότι θα ξεκινήσει με την επόμενη εκκίνηση. Στα Windows, τροποποιεί τα μητρώα, ενώ στις συσκευές με Mac OS, uses the service “launchd.”
On Linux machines, he adds himself / herself to /etc/init.d/.
As soon as it secures its installation, bot starts communicating with its developer via IRC protocol.
The malware is capable of launching HTTP and UDP flood attacks. Hackers who manage it simply send a command through an IRC channel and specify the target IP address, the number of door, τη διάρκεια της επίθεσης, καθώς και τον αριθμό των χτυπημάτων που θα χρησιμοποιείται.
