An unknown threat actor has been targeting organizations with botnet malware that communicates with its command-and-control server via the Internet Relay Chat application layer protocol.
Nicknamed Outlaw, the hacking group developed the botnet as a Perl language-based variant of Shellbot, according to a Nov. 1 blog post from Trend Micro, whose researchers uncovered the threat. Shellbot is a trojan horse malware that's typically installed on computers via the Shellshock Unix Bash shell vulnerability that was found back in 2014.
In this case, however, the Perl Shellbot attackers are instead infecting victims via a command injection vulnerability that's commonly found on IoT devices and Linux servers, but can also affect Windows environments and Android devices. They are also distributing the malware through previously brute-forced or compromised hosts, Trend Micro notes.
Please register to continue.
Already registered? Log in.
Once you register, you'll receive:
The context and insight you need to stay abreast of the most important developments in cybersecurity. CISO and practitioner perspectives; strategy and tactics; solutions and innovation; policy and regulation.
Unlimited access to nearly 20 years of SC Media industry analysis and news-you-can-use.
SC Media’s essential morning briefing for cybersecurity professionals.
One-click access to our extensive program of virtual events, with convenient calendar reminders and ability to earn CISSP credits.