March 15, 2022 By Sergiu Gatlan

A recently discovered botnet under active development targets Linux systems, attempting to ensnare them into an army of bots ready to steal sensitive info, install rootkits, create reverse shells, and act as web traffic proxies.
The newly found malware, dubbed B1txor20 by researchers at Qihoo 360's Network Security Research Lab (360 Netlab), focuses its attacks on Linux devices with ARM and X64 CPU architectures.
The botnet uses exploits targeting the Log4j vulnerability to infect new hosts, a very appealing attack vector given that dozens of vendors use the vulnerable Apache Log4j logging library.
The researchers first spotted the B1txor20 botnet on February 9 when the first sample got trapped by one of their honeypot systems.