| 發表文章 | 發起投票 |
[John Linux] Malware Shishiga撞爆你密碼
Linux Shishiga malware using LUA scripts
Among all the Linux samples that we receive every day, we noticed one sample detected only by Dr.Web – their detection name was Linux.LuaBot. We deemed this to be suspicious as our detection rates for the Luabot family have generally been high. Upon analysis, it turned out that this was, indeed, a bot written in Lua, but it represents a new family, and is not related to previously seen Luabot malware. Thus, we’ve given it a new name: Linux/Shishiga. It uses 4 different protocols (SSH – Telnet – HTTP – BitTorrent) and Lua scripts for modularity.
https://www.welivesecurity.com/2017/04/25/linux-shishiga-malware-using-lua-scripts/
Shi
Among all the Linux samples that we receive every day, we noticed one sample detected only by Dr.Web – their detection name was Linux.LuaBot. We deemed this to be suspicious as our detection rates for the Luabot family have generally been high. Upon analysis, it turned out that this was, indeed, a bot written in Lua, but it represents a new family, and is not related to previously seen Luabot malware. Thus, we’ve given it a new name: Linux/Shishiga. It uses 4 different protocols (SSH – Telnet – HTTP – BitTorrent) and Lua scripts for modularity.
https://www.welivesecurity.com/2017/04/25/linux-shishiga-malware-using-lua-scripts/
Shi
0
0本貼文共有 0 個回覆
此貼文已鎖,將不接受回覆
| 發表文章 | 發起投票 |