Windows and Linux malware linked to Chinese DDoS tool.
The malware was linked to a DDoS service offered by Chinese hackers.
Malware targeting both Linux and Windows PCs has been connected to a DDoS attack toolkit sold by Chinese hackers through the ddos.tf website, according to a statement by the Malware Must Die! team. The malware, codenamed Linux/DDOSTF (or Linux/MrBlack), mainly attacked Linux servers running Elasticsearch, but it also attacked and infected Windows systems, particularly older ones such as Windows XP and Windows 2003 servers.
Security researchers also claim that the Linux variant of this malware, distributed as a malicious ELF executable, closely resembles an older malware called JrLinux, so the two possibly belong to the same family. Additionally, part of the code could have been stolen from another famous Linux malware, Linux/Windows. Both pieces of malware were linked to the ddos.tf service.
After analyzing telemetry data from infected PCs, researchers say these malware variants are just one part of a larger botnet, which is mainly used for DDoS attacks. Using clues that the malware authors left in the source code, the researchers managed to trace the infected PCs back to the ddos.tf service. This website offers the "Wrath DDoS Cluster" or "DDoS Curse Cluster" in exchange for money.
The Chinese website advertises it as a pen-testing tool, but it is really nothing more than a control panel for DDoS attacks. Investigating the source code of Linux/DDOSTF further, the Malware Must Die! researchers managed to link several characteristics of the malware to options and buttons on the website's DDoS control panel.