Monday, October 17, 2016

Linux Bot owned – Vulnerability makes botnet at Risk

Linux Bot owned – Vulnerability makes botnet at Risk


Trojan.Jnanabot, or alternately as OSX/Koobface made waves in security scene when it was discovered that it can Linux Bot owned – Vulnerability makes botnet at Risk - theprohack.com attack  Linux/Mac OSX machines (Windows ones included). The trojan once installed, hid itself inside an invisible folder & communicated using strong encryptions. The host can be forced to perform vanilla attacks like DDOS, Facebook profile status updates (obviously fake ones) & some other ones. Holy crap, i m forced to eat my words back .. Now out of blue,researchers at Symnatec uncovered a specific weaknesses in the bots p2p functionality that may allow rival criminals to remotely hijack the botnet or plant files on the victims hard drive.

“Even though its encrypted and even though it was written in Java to make it cross-platform, it was still vulnerable to basically a directory transversal exploit,”

exclaimed Dean Turner, director of Symantecs Global Intelligence Network. He added -

“From a technical perspective, it goes to show that even if you have all those things where youre building in a secure platform, if youre not building application security into your malware, other bad guys will probably take advantage of it.”

P2P function is designed to make botnets harder to take down by providing multiple channels of communication. Once a website sends a single GET request to an infected host, it can discover all the info needed to upload any file to any location on host, furthermore,attackers can then install a simple backdoor & can totally own the machine.

Bot stats - theprohack.com

Interestingly, statistics by Symnatec show that the bot’s favorite host platform is Windows - 85 % & Mac comes 2nd by 15 % . They didnt show any infections on Linux machines. Speaking of botnets, you might want to read about Project Blackout too ..

source : El Reg

Like This post ?  You can buy me a Beer :)

Posted by XERO. ALL RIGHTS RESERVED.


Available link for download