RotaJakiro: A recently discovered trojan threatens Linux users

by | May 4, 2021

A new malware targeting Linux operating systems takes control of the computers it manages to infect through a backdoor. Security firm 360 Netlab has identified this Trojan, known as RotaJariko .

This malicious software has been stalking users for at least three years without being detected since it works in a very discreet way. First, it finds out if the user is root to determine the best way to approach the system and hide itself. It analyzes the sensitive resources of the device and creates a back door, establishing communication with the command and control server .

It is striking how effective its methods are to hide the processes it runs. It uses different encryption algorithms, such as AES, XOR, and ROTATE combined with ZLIB compression. To cover up the reception of control commands, RotaJarico accessed four domains through port 443 and using its own protocol .

The exact purpose of this malicious software is not entirely clear. It is capable of executing up to twelve different functions, so the researchers consider several hypotheses. It could be used to steal sensitive data, information from the infected terminal, take control and manage files or run specific plugins.

For more information about this malware, you can consult this article by 360 Netlab.

SHARE

0 Comments

Submit a Comment

Your email address will not be published. Required fields are marked *

Recent posts

On-premises vs. cloud: Which is better for your business?

The choice of technology infrastructure is crucial for the growth and competitiveness of businesses. This article analyzes the advantages and disadvantages of “on-premises” and “cloud computing” models, focusing on aspects such as costs, scalability, security, and management.

Archives


Stay up to date with all the news from UDS ENTERPRISE through our social networks. Follow us!

Skip to content