Very useful information for securing devices you may have in your home and connected to the internet.
The devices above utilize Linux services to provide user interfaces. The interfaces use Apache Web servers and PHP servers. The malware uses an old PHP vulnerability, Information Disclosure Vulnerability (CVE-2012-1823), that was patched in May of 2012. Since the malware is designed to attack the ELF binary, so far Linux.Darlloz only infects Intel x86 systems. However, the servers used to host the worm have versions for ARM, PPC, MIPS and MIPSEL.
Behavior exhibited by Linux.Darlloz includes generating random IP addresses, accessing the path where IDs and passwords are kept, and sending HTTP POST requests. Once the victim is infected, it starts searching…