Search This Blog

Wednesday, November 2, 2016

Linux/Moose: Still breathing

Linux/Moose is a malware family that primarily targets Linux-based consumer routers but that can also infect other Linux-based embedded systems in its path. The compromised devices are used to steal unencrypted network traffic and offer proxying services to the botnet operator. In practice, these capabilities are used to steal HTTP Cookies on popular social network sites and perform fraudulent actions such as non-legitimate “follows”, “views” and “likes”.
In May 2015 ESET released a whitepaper on the malware family we named Linux/Moose. After publication, Linux/Moose’s command and control servers went down and we lost track of the animal. A few months later, in September 2015, we got a new sample of Linux/Moose —with, as expected, some evolution after our publication.

Linux/Moose: Still breathing

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.