The specialists of "Doctor Web" found a new virus family of operating systems Linux. This Trojan Linux.Rekoobe.1, who can execute commands from a remote server.
According to analysts, this Trojan was originally developed under the processor architecture SPARC, but then adapted for x86-64. The virus has its own configuration file that reads data for authentication of the proxy server through which the connection to the management server. It knows how to work with the terminal infected machines and transfer files from the server to the controlled computer and back.
It is also noted that ships with infected machines information is encrypted and transmitted in the form of separate blocks.
At the same time the virus itself is quite simple - it is able to perform only three teams: a management server to download and upload files on the infected computer, shell commands and transmit a response to the remote server.
This virus signature is already entered into the database of Dr.Web for Linux. Related Products :
|