Thursday 30 January 2014

Cross-Platform Java Bot Used for DDoS Attacks

The java platform is used in DDOS attacks by bot. The malicious Java application can be run on Windows, OS X and Linux machines. Kaspersky Lab researchers analyzed a malware that infects computers to form a botnet - a network of zombie computers - and use it in attacks distributed denial of service.

This botnet is controlled via IRC protocol to conduct targeted attacks on IP addresses. Attackers can adjust the intensity of the attack and its duration. It uses a data stream via HTTP or UDP. At least one target of this botnet was an email service.

The malware behind the botnet is written entirely in Java. Through this platform, it can be run on Windows, OS X and Linux. Still, it runs a Java vulnerability for which a patch exists since June 2013.

This vulnerability is present in the Java Runtime Environment with Oracle Java SE 7 Update 21 and earlier, and Java 6 Update 45 and earlier. This is not the first time a botnet infects the three most popular operating systems.

No comments:

Post a Comment

Note: only a member of this blog may post a comment.