Security researchers have come across a malicious Java application that’s designed to launch distributed denial-of-service (DDoS) attacks from infected computers. The interesting thing about this threat is that, because it’s based on Java, it’s cross-platform: it can run on Windows, Linux and Mac OS computers.
According to Kaspersky, the developers of this malware (HEUR:Backdoor.Java.Agent.a) have used the Zelix Klassmaster obfuscator to prevent researchers from analyzing the threat and security solutions from detecting it.
When it infects a computer, it performs certain actions, depending on the operating system, to ensure that it will be launched on the next startup. On Windows, it modifies the registry, while on Mac OS devices, it uses the “launchd” service. On Linux machines, it adds itself to /etc/init.d/.
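A defender's check for the Linux and Mac OS startup locations named above, as an added example that is not taken from Kaspersky's report: it lists startup entries that launch a JAR so they can be reviewed by hand. The `java ... -jar` heuristic and the function names are assumptions made for this example; the Windows registry is left out because the article does not say which keys are modified.

```python
import plistlib
import re
from pathlib import Path

# Heuristic chosen for this example (not an indicator from the report):
# a startup entry that runs a JAR through the Java launcher gets reviewed.
JAVA_JAR = re.compile(r"\bjava\b.*\s-jar\s+\S+", re.IGNORECASE)

def scan_initd(directory):
    """Return (path, line) for each init script line that starts a JAR."""
    hits = []
    for script in sorted(Path(directory).iterdir()):
        try:
            lines = script.read_text(errors="replace").splitlines()
        except OSError:
            continue  # directory or unreadable file: skip, keep auditing
        for line in (l.strip() for l in lines):
            if not line.startswith("#") and JAVA_JAR.search(line):
                hits.append((str(script), line))
    return hits

def scan_launchd(directory):
    """Return (path, command) for each launchd job that starts a JAR."""
    hits = []
    for plist in sorted(Path(directory).glob("*.plist")):
        try:
            with plist.open("rb") as fh:
                job = plistlib.load(fh)  # handles XML and binary plists
        except Exception:
            continue  # malformed or unreadable plist
        if not isinstance(job, dict):
            continue
        args = job.get("ProgramArguments") or [job.get("Program", "")]
        command = " ".join(str(a) for a in args)
        if JAVA_JAR.search(command):
            hits.append((str(plist), command))
    return hits

if __name__ == "__main__":
    targets = [
        ("/etc/init.d", scan_initd),
        ("/Library/LaunchDaemons", scan_launchd),
        ("/Library/LaunchAgents", scan_launchd),
        (str(Path.home() / "Library/LaunchAgents"), scan_launchd),
    ]
    for directory, scan in targets:
        if Path(directory).is_dir():
            for path, command in scan(directory):
                print(f"REVIEW {path}: {command}")
```

A hit is only a lead: legitimate Java services register themselves the same way, so each listed entry still has to be checked against what is expected on the host.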
Once it makes itself cozy on a device, the bot starts communicating with its master via the IRC protocol.
The malware is capable of launching HTTP and UDP flood attacks. Cybercriminals simply send a command via IRC specifying the targeted IP address, the port number, the duration of the attack, and the number of threads that should be used.
Experts say that the Java bot has been utilized to attack a bulk email service.