24 Jul 2015 15:00:10

Cross-platform backdoor for Linux and Windows detected

Specialists at Doctor Web have reported the discovery of a new backdoor for Linux. Its authors intended it to have an extremely broad and powerful set of features, but they did not manage to achieve this. The backdoor is probably of Chinese origin, and its source components are written so that the executable can be built for both Linux and Windows.


The developers of the malware initially tried to incorporate an extensive set of features: a file system manager, a Trojan for carrying out DDoS attacks, a proxy server, and so on, but in practice not all of these features are fully implemented. In addition, the creators of the backdoor did not take the task very seriously: the disassembly contains quite ridiculous constructs that have nothing to do with Linux.

When launched, Linux.BackDoor.Dklkt.1 checks the folder from which it was started for a configuration file containing the parameters it needs. The file specifies three control server addresses; the backdoor uses one of them, and the other two are backups. On startup the backdoor tries to register itself on the attacked computer as a system service, and if that fails, it terminates.

The backdoor can perform several types of DDoS attack: SYN Flood, HTTP Flood (POST/GET requests), ICMP Flood, TCP Flood and UDP Flood.
