Researchers analyze faulty new Linux backdoor

Researchers at Dr. Web have discovered a faulty trojan designed as a backdoor for Linux that could also target Windows systems.

Identified as Linux.BackDoor.Dklkt.1, the trojan – possibly of Chinese origin – is designed to perform functions typical of file managers, SOCKS proxy servers, and remote shells; however, it ignores several of its commands due to poor design, a post indicated.

Some of the commands the trojan awaits include change remark, open shell, run an application, start proxy, exit, reboot and turn off a computer. Some of the commands that are ignored include update itself, receive user data and remove itself.

According to the post, the trojan can launch distributed denial-of-service (DDoS) attacks such as SYN Flood, HTTP Flood (POST/GET request), ICMP Flood, TCP Flood, and UDP Flood. The Drv Flood has not been implemented.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.