silversurfer
Level 85
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Malware Hunter
Well-known
- Aug 17, 2014
- 10,143
A new piece of malware is targeting Internet of Things (IoT) devices in an attempt to ensnare them into a botnet capable of launching distributed denial-of-service (DDoS) attacks, Sophos Labs reports.
Dubbed Chalubo (ChaCha-Lua-bot), the malware incorporates code from the Xor.DDoS and Mirai families, but also brings improvements in the form of anti-analysis techniques. Specifically, the authors have encrypted both the main component and its corresponding Lua script using the ChaCha stream cipher.
“This bot demonstrates increased complexity compared to the standard Linux bots we typically see delivered from these types of attacks. Not only are the attackers using a layered approach to dropping malicious components, but the encryption used isn’t one that we typically see with Linux malware,” the researchers note.