New Mayhem malware targets Linux, UNIX servers

[securitybreach]

Relatively small right now (1400 infected) but it does not require root privileges. 

 

A new malware that runs on UNIX-like servers even with restricted privileges has already infected machines in Australia and is actively hunting for more targets, a new research paper has shown.

 

Three researchers from Russian web provider Yandex - Andrej Kovalev, Konstantin Ostrashkevich and Evgeny Sidorov - said in the technical analysis of the malware, published on security and anti-virus specialist publication Virus Bulletin, that Mayhem functions like a traditional Windows bot......

 

A total of 1400 infections have been recorded around the world for Mayhem so far, with most of these in the United States, Russia, Germany and Canada, the researchers said.

 

Sidorov told iTnews that recently discovered data from the largest Mayhem command and control server showed that there were 14 infected machines in Australia, and two in New Zealand.

 

Commenting on the research, Virus Bulletin editor Martijn Grooten said the threat Mayhem poses was relatively small compared to existing botnets. But he warned that Mayhem should be taken seriously nevertheless, as it had the ability to compromise powerful Linux servers and was actively looking for other sites and machines to infect....

 

http://www.itnews.co...ix-servers.aspx

[Guest LilBambi]

May not be many computers/servers in the scheme of the number of UNIX/Linux servers out there, but not needing root access is of great concern.

 

And it is one of the things that I have been trying to get folks to realize. No OS is safe from browser attacks, such as PHP scripting and others.

 

There was a saying years ago when PHP first got it's start. What can you do with PHP? Answer: Anything you want.

 

The same can be said of HTML5 today.