Security News > 2022 > March > Linux botnet exploits Log4j flaw to hijack Arm, x86 systems
A new Linux botnet is using the infamous Log4j vulnerability to install rootkits and steal data.
Researchers at Chinese internet security company Qihoo's 360's Network Security Research Lab discovered the botnet family, which they dubbed B1txor20, as it was infecting new hosts via the Log4j vulnerability.
"In addition to the traditional backdoor functions, B1txor20 also has functions such as opening Socket5 proxy and remotely downloading and installing Rootkit," the threat researchers wrote.
In total, 360 Netlab nabbed found four different B1txor20 samples that the threat researchers said support 15 functions.
The threat researchers aren't putting it past the criminals to call on the unused code or fix the bugs in the future.
Finally, in what they deemed a "Small note," the threat researchers said the domain name has been registered for six years, "Which is kind [of] unusual?" Or maybe it points to excellent planning on the part of the miscreants.
News URL
https://go.theregister.com/feed/www.theregister.com/2022/03/16/linux_botnet_log4j/