Bitxor20 Botnet

By Mezo in Botnets

Translate To:

A new botnet exploiting the Log4J vulnerability has been caught by cybersecurity experts. The threat is tracked as the Bitxor20 botnet and its main targets are Linux systems. Once added to the botnet, the compromised devices can be commanded to perform a large list of threatening functions. Indeed, according to a report by Qihoo 360's Network Security Research Lab (360 Netlab), Bitxor20 collects sensitive information, deploys rootkits, opens reverse shells and establishes Web proxies.

To remain unseen, the threat uses the tried and true method of DNS tunneling. First, all captured information, command results, or other needed data is encrypted via specific encoding techniques. Then, it is delivered to the Command-and-Control (C2, C&C) server of the operation as a DNS request. In response, the C2 server returns a chosen payload to the bot device. It should be noted that certain threatening features that have been discovered as part of Bitxor20 have been enabled by the malware's creators. This fact could signal that the threat is still under active development and could become even more potent in the future.

Enigma Software Group Prevails Over Malwarebytes at the Ninth Circuit

Search

Change Region

Bitxor20 Botnet

Submit Comment

Trending

Safe Search Eng

Findtheirreport.com

MarioLocker Ransomware

Most Viewed

Is Lookmovie.io Safe?

How To Fix 'Printer Driver is Unavailable' Error

Discord Shows Black Screen when Sharing Screen