Eskenzi PR ad banner Eskenzi PR ad banner
  • About Us
Monday, 30 January, 2023
IT Security Guru
Eskenzi PR banner
  • Home
  • Features
  • Insight
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
IT Security Guru
No Result
View All Result

Server-targeting malware detected which aimed to build botnet of super soldiers

by The Gurus
September 19, 2014
in Editor's News
Share on FacebookShare on Twitter

Malware that is specifically tailored to target and take control of web servers to enslave them into a botnet has been detected.
 
Speaking to IT Security Guru, Ryan Barnett, lead security researcher at Trustwave, said that while the company sees new files all of the time, what was distinctive about this was that the code was markedly different, and it aimed specifically at servers.
 
“They are the ‘super soldiers’ of a botnet as it gives the owner more horsepower and bandwidth and we see botnet owners take control of them,” he said.
 
“What was interesting about this was that it ran Pearl Scripts on an IRC channel and it was flagged in PHP code as there was different data to bring in files to execute on the operating system. We are not seeing this commonly as often, script kiddies just rip code off from each other. Here they had deployed new code and tactics.”
 
Barnett confirmed that this was only detected by one anti-virus technology and it was unique on Virus Total. Asked what he felt was new and distinctive, Barnett said that the use of an IRC channel was what caught its attention, and that this was unlikely to be the work of a sole person. The malware also came with a price tag of $125 for lifetime use.
 
“They would also sell for Bitcoin, and what we saw is that this would execute on the operating system and attack web applications and services to alter server privileges,” he said.
 
“There are different attacks on servers to end-users, and we see lots of attacks on servers but this looked to do what it wanted on the operating system and install malware on the web server module. Barnett said that malware targeted at servers is increasing but the use of Pearl Scripts and an IRC channel as a botnet was unusual here.”
 
Research by Trustwave believe the criminals in this case are not only building their botnet to launch future distributed denial-of-services (DDoS) attacks using this new variant of malware.

FacebookTweetLinkedIn
ShareTweetShare
Previous Post

Home Depot confirms breach affected 56 million unique payment cards

Next Post

Dell fellow: Credit card and identity fraud "will be passé" in five years

Recent News

JD Sports admits data breach

JD Sports admits data breach

January 30, 2023
Acronis seals cyber protection partnership with Fulham FC

Acronis seals cyber protection partnership with Fulham FC

January 30, 2023
Data Privacy Day: Securing your data with a password manager

Data Privacy Day: Securing your data with a password manager

January 27, 2023
#MIWIC2022: Carole Embling, Metro Bank

#MIWIC2022: Carole Embling, Metro Bank

January 26, 2023

The IT Security Guru offers a daily news digest of all the best breaking IT security news stories first thing in the morning! Rather than you having to trawl through all the news feeds to find out what’s cooking, you can quickly get everything you need from this site!

Our Address: 10 London Mews, London, W2 1HY

Follow Us

© 2015 - 2019 IT Security Guru - Website Managed by Calm Logic

  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us

© 2015 - 2019 IT Security Guru - Website Managed by Calm Logic

This site uses functional cookies and external scripts to improve your experience.

Privacy settings

Privacy Settings / PENDING

This site uses functional cookies and external scripts to improve your experience. Which cookies and scripts are used and how they impact your visit is specified on the left. You may change your settings at any time. Your choices will not impact your visit.

NOTE: These settings will only apply to the browser and device you are currently using.

GDPR Compliance

Powered by Cookie Information