Reporter Jake Edge wrote:
An update later in the day makes it clear that this is a new attack, based on an earlier worm, kaiten, and attempts to connect infected systems to a botnet.
Kaiten is not a worm, but rather is the trojan-horse (backdoor) payload. It's thus, in effect, an after-effect of the actual worm, which in this case is last year's Lupper attack code, recycled, Lupper's exploit against a seven-month-old, rather ghastly input-validation bug in PHPXMLRPC v. 1.1.1 and later.
Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds