SYMBOLCOMMON_NAMEaka. SYNONYMS
elf.kaiji (Back to overview)

Kaiji


Surfaced in late April 2020, Intezer describes Kaiji as a DDoS malware written in Go that spreads through SSH brute force attacks. Recovered function names are an English representation of Chinese words, hinting about the origin. The name Kaiji was given by MalwareMustDie based on strings found in samples.

References
2020-06-22Trend MicroAugusto Remillano II
@online{ii:20200622:xorddos:d41d1a7, author = {Augusto Remillano II}, title = {{XORDDoS, Kaiji Botnet Malware Variants Target Exposed Docker Servers}}, date = {2020-06-22}, organization = {Trend Micro}, url = {https://blog.trendmicro.com/trendlabs-security-intelligence/xorddos-kaiji-botnet-malware-variants-target-exposed-docker-servers/}, language = {English}, urldate = {2020-06-24} } XORDDoS, Kaiji Botnet Malware Variants Target Exposed Docker Servers
Kaiji XOR DDoS
2020-05-05BitdefenderGraham Cluley
@online{cluley:20200505:kaiji:94f85b6, author = {Graham Cluley}, title = {{Kaiji – a new strain of IoT malware seizing control and launching DDoS attacks}}, date = {2020-05-05}, organization = {Bitdefender}, url = {https://www.bitdefender.com/box/blog/iot-news/kaiji-new-strain-iot-malware-seizing-control-launching-ddos-attacks/}, language = {English}, urldate = {2020-05-06} } Kaiji – a new strain of IoT malware seizing control and launching DDoS attacks
Kaiji
2020-05-04IntezerPaul Litvak
@online{litvak:20200504:kaiji:6b90937, author = {Paul Litvak}, title = {{Kaiji: New Chinese Linux malware turning to Golang}}, date = {2020-05-04}, organization = {Intezer}, url = {https://intezer.com/blog/research/kaiji-new-chinese-linux-malware-turning-to-golang/}, language = {English}, urldate = {2020-05-06} } Kaiji: New Chinese Linux malware turning to Golang
Kaiji

There is no Yara-Signature yet.