Incident Response, Malware, TDR

Luabot malware used to launch DDoS attacks


A security researcher discovered a Trojan that infects Linux platforms used in distributed denial of service (DDoS) attacks. According to MalwareMustDie, the security researcher responsible for the discovery, the malware is written in the Lua programming language (version 5.3.0).

The malware, dubbed Linux/Luabot, targets the Linux operating system, used often in web servers and Internet of Things (IoT) devices. The Trojan issues botnet commands to affected systems, MalwareMustDie wrote in a blog post published on Monday.

“There are plenty new ELF malware coming & lurking our network recently & hitting out Linux layer IoT and services badly,” MalwareMustDie wrote in the blog post. The researcher advised security professionals to “watch for unusual hazards for the security of our 24/7 running Linux nodes.”

Last week, security firm Sucuri disclosed vulnerabilities in IoT home routers that were exploited to launch an application-level DDoS attack. The Strider cyberespionage group disclosed by Symantec last month also used modules written in Lua.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.