Java Bot Can Launch DDOS Attacks from Windows, Mac and Linux Machines

Cross-platform malware used for DDOS attacks

Security researchers have come across a malicious Java application that’s designed to launch distributed denial-of-service (DDOS) attacks from infected computers. The interesting thing about this threat is that since it’s based on Java, it’s cross platform, which means that it can run on Windows, Linux and Mac OS computers.

According to Kaspersky, the developers of this malware (HEUR:Backdoor.Java.Agent.a.) have used the Zelix Klassmaster obfuscator to prevent researchers from analyzing the threat, and security solutions from detecting it.

When it infects a computer, depending on the operating system, it performs certain actions to ensure that it will be launched on the next startup. In Windows, it modifies registries, while on Mac OS devices, it uses the “launchd” service. On Linux machines, it adds itself to /etc/init.d/.

Once it makes itself cozy on a device, the bot starts communicating with its master via the IRC protocol.

The malware is capable of launching HTTP and UDP flood attacks. Cybercriminals simply send a command via IRC specifying the targeted IP address, the port number, the duration of the attack, and the number of threads that should be used.

Experts say that the Java bot has been utilized to attack a bulk email service.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s