Language Selection

English French German Italian Portuguese Spanish

The First Linux Botnet

Filed under

They're calling it the first botnet designed for broadband equipment and routers, and that it is. But it's the first of something else: psyb0t, the first Linux botnet.

And even though it's running on hardware devices, and even though it's running on Linux, and an obscure distribution of Linux at that, the basic mechanisms of it aren't that different from "conventional" botnets that run on Windows PCs. There's a lesson here.

Linux seems to be a great platform for these little embedded devices. It's small enough that it can fit in economical hardware, portable enough that you can put it on almost any processor and platform, and it's got great networking tools. This particular bot runs on Linux Mipsel devices ("Mipsel" is the port of Debian Linux on MIPS processors). But it's not hard to see the same thing happening to any sufficiently large population of Internet-facing devices based on Linux or any other platform. I'm especially curious about DVRs now.

We often speak about how malware writers write for Windows because that's where the systems are and because that's where the development tools are, for malware and more generally. The same could be said now of Linux.

rest here

More in Tux Machines

From There to Here (But Not Back Again)

Red Hat Product Security recently celebrated our 15th anniversary this summer and while I cannot claim to have been with Red Hat for that long (although I’m coming up on 8 years myself), I’ve watched the changes from the “0day” of the Red Hat Security Response Team to today. In fact, our SRT was the basis for the security team that Mandrakesoft started back in the day. In 1999, I started working for Mandrakesoft, primarily as a packager/maintainer. The offer came, I suspect, because of the amount of time I spent volunteering to maintain packages in the distribution. I also was writing articles for TechRepublic at the time, so I also ended up being responsible for some areas of documentation, contributing to the manual we shipped with every boxed set we sold (remember when you bought these things off the shelf?). Read more

Android Leftovers

today's howtos

Intel Cache Allocation Technology / RDT Still Baking For Linux

Not mentioned in my earlier features you won't find in the Linux 4.9 mainline kernel is support for Intel's Cache Allocation Technology (CAT) but at least it was revised this weekend in still working towards mainline integration. Read more Also: Intel Sandy Bridge Graphics Haven't Gotten Faster In Recent Years