Akamai's advisory outlines two different methods for detecting the recent version of the XOR malware.

1. To detect XOR DDoS botnet activity on your network, look for communications between a bot and its C&C server, using the Snort rule given in the advisory.

2. To detect an XOR DDoS botnet infection on your hosts, use the YARA rule also shown in the advisory.

Akamai also provides a four-step process for removing the XOR DDoS Trojan from your machine, as given below:

1. First, identify the malicious files in two directories (/boot and /etc/init.d)

2. Identify the supporting processes responsible for the persistence of the main process

3. Kill the malicious processes

4. Delete the malicious files (in /boot and /etc/init.d)
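
The script below is an added example, not taken from Akamai's advisory: it lists candidates for steps 1 and 2 and never kills or deletes anything. Its heuristics (ELF binaries in /boot or /etc/init.d, init scripts that mention /boot/, processes whose executable is under /boot or already deleted) and its function names are assumptions of this example.

```shell
#!/bin/sh
# Read-only triage for steps 1 and 2 of the removal procedure.
# The heuristics are assumptions of this example, not rules from the advisory.
# Function bodies run in a subshell "( )" so their variables stay local.
# Usage: sh xor_triage.sh report

# Print regular files in the given directories that begin with the ELF magic.
list_elf_files() (
    for dir in "$@"; do
        for f in "$dir"/* "$dir"/.[!.]*; do
            [ -f "$f" ] || continue
            # An ELF file starts with the bytes 7f 45 4c 46.
            magic=$(od -An -tx1 -N4 "$f" 2>/dev/null | tr -d ' \n')
            [ "$magic" = "7f454c46" ] && printf '%s\n' "$f"
        done
    done
    return 0
)

# Print files in init directory $1 whose contents mention a path under
# boot directory $2 (an init script that launches something from /boot).
list_init_refs() (
    grep -lsF -- "$2/" "$1"/* "$1"/.[!.]* || true
)

# Print "PID<TAB>exe" for each process under proc root $1 whose executable
# link points into boot directory $2 or at a file that has been deleted.
list_suspect_procs() (
    for p in "$1"/[0-9]*; do
        exe=$(readlink "$p/exe" 2>/dev/null) || continue
        case $exe in
            "$2"/*|*" (deleted)") printf '%s\t%s\n' "${p##*/}" "$exe" ;;
        esac
    done
    return 0
)

triage() {
    echo "== Step 1: ELF files in /boot and /etc/init.d (review each) =="
    list_elf_files /boot /etc/init.d
    echo "== Step 1: init scripts that reference /boot/ =="
    list_init_refs /etc/init.d /boot
    echo "== Step 2: processes running from /boot or from a deleted file =="
    list_suspect_procs /proc /boot
}

if [ "${1:-}" = "report" ]; then triage; fi
```

Legitimate entries can match, for example a daemon whose binary was replaced by a package upgrade while it was running, so review each hit before moving on to steps 3 and 4.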

Additionally, disabling root login over SSH (Secure Shell) or using a strong password will also defeat this issue.