We recently found notable malware activity affecting devices running Linux, a platform that has battled numerous issues just this year. Further analysis of retrieved malware samples revealed that these actions were connected to a botnet called Momentum (named for the image found in its communication channel). We found new details on the tools and techniques the botnet is currently using to compromise devices and perform distributed denial-of-service (DDoS) attacks.
Compared to other kinds of cyber attacks, DDoS attacks are messy, overly destructive, and very difficult to pull off. Because of this, they don’t make much sense from a financial perspective.
So cybercriminals might use them as a blunt weapon against some of their competitors. For instance, they might want to bring down a site hosting a cybersecurity tool, or bring down a small online shop operating in the same niche.
Momentum targets the Linux platform on various CPU architectures such as ARM, MIPS, Intel, Motorola 68020, and more. The main purpose of this malware is to open a backdoor and accept commands to conduct various types of DoS attacks against a given target. The backdoors being distributed by the Momentum botnet are Mirai, Kaiten, and Bashlite variants; the specific sample we analyzed was pushing a Mirai backdoor. Moreover, Momentum spreads via exploiting multiple vulnerabilities on various routers and web services to download and execute shell scripts on the target devices.
More Info: what is ddos stand for
Compared to other kinds of cyber attacks, DDoS attacks are messy, overly destructive, and very difficult to pull off. Because of this, they don’t make much sense from a financial perspective.
So cybercriminals might use them as a blunt weapon against some of their competitors. For instance, they might want to bring down a site hosting a cybersecurity tool, or bring down a small online shop operating in the same niche.
Momentum targets the Linux platform on various CPU architectures such as ARM, MIPS, Intel, Motorola 68020, and more. The main purpose of this malware is to open a backdoor and accept commands to conduct various types of DoS attacks against a given target. The backdoors being distributed by the Momentum botnet are Mirai, Kaiten, and Bashlite variants; the specific sample we analyzed was pushing a Mirai backdoor. Moreover, Momentum spreads via exploiting multiple vulnerabilities on various routers and web services to download and execute shell scripts on the target devices.
More Info: what is ddos stand for
No comments:
Post a Comment