Electronic news service of the Ministry of Communications and Information Technologies

Linux Miner Virus Removes Antivirus Programs and Other Miners


Information security specialists have reported on Linux malware that has started a serious competition. According to Doctor Web, the Linux.BtcMine.174 virus is a large script containing more than 1000 lines of code. Once launched, the malware checks the availability of the server from which it downloads additional modules, and looks for a location in which to place them.
 
The script is then moved to a previously selected folder named diskmanagerd and relaunched as a daemon. If installation succeeds, a backdoor is loaded into the system, which allows remote commands to be executed and DDoS attacks to be carried out. If Linux.BtcMine.174 was not launched as root, it uses a set of exploits to escalate its privileges on the infected system.
 
The virus also searches for other miners and terminates their processes, and it tries to do the same with antivirus programs.
 
The final step is the launch of a Monero miner. The malware regularly checks that it is running and restarts it if necessary.






22/11/18