SYMBOLCOMMON_NAMEaka. SYNONYMS
elf.xorddos (Back to overview)

XOR DDoS

aka: XORDDOS

Linux DDoS C&C Malware

References
2020-06-22Trend MicroAugusto Remillano II
@online{ii:20200622:xorddos:d41d1a7, author = {Augusto Remillano II}, title = {{XORDDoS, Kaiji Botnet Malware Variants Target Exposed Docker Servers}}, date = {2020-06-22}, organization = {Trend Micro}, url = {https://blog.trendmicro.com/trendlabs-security-intelligence/xorddos-kaiji-botnet-malware-variants-target-exposed-docker-servers/}, language = {English}, urldate = {2020-06-24} } XORDDoS, Kaiji Botnet Malware Variants Target Exposed Docker Servers
Kaiji XOR DDoS
2020-04-07BlackberryBlackberry Research
@techreport{research:20200407:decade:6441e18, author = {Blackberry Research}, title = {{Decade of the RATS: Cross-Platform APT Espionage Attacks Targeting Linux, Windows and Android}}, date = {2020-04-07}, institution = {Blackberry}, url = {https://www.blackberry.com/us/en/pdfviewer?file=/content/dam/blackberry-com/asset/enterprise/pdf/direct/report-bb-decade-of-the-rats.pdf}, language = {English}, urldate = {2020-08-10} } Decade of the RATS: Cross-Platform APT Espionage Attacks Targeting Linux, Windows and Android
Penquin Turla XOR DDoS ZXShell
2018-11-29NSFOCUShaoming
@online{haoming:20181129:analysis:6192262, author = {haoming}, title = {{Analysis Report of the Xorddos Malware Family}}, date = {2018-11-29}, organization = {NSFOCUS}, url = {https://blog.nsfocusglobal.com/threats/vulnerability-analysis/analysis-report-of-the-xorddos-malware-family/}, language = {English}, urldate = {2020-01-06} } Analysis Report of the Xorddos Malware Family
XOR DDoS
2016-03-18WikipediaVarious
@online{various:20160318:xor:09f92e3, author = {Various}, title = {{Xor DDoS}}, date = {2016-03-18}, organization = {Wikipedia}, url = {https://en.wikipedia.org/wiki/Xor_DDoS}, language = {English}, urldate = {2020-01-09} } Xor DDoS
XOR DDoS
2015-10Check PointStanislav Skuratovich, Aliaksandr Trafimchuk
@techreport{skuratovich:201510:digging:7c4fa84, author = {Stanislav Skuratovich and Aliaksandr Trafimchuk}, title = {{Digging for Groundhogs: Holes in your Linux server}}, date = {2015-10}, institution = {Check Point}, url = {https://blog.checkpoint.com/wp-content/uploads/2015/10/sb-report-threat-intelligence-groundhog.pdf}, language = {English}, urldate = {2020-01-08} } Digging for Groundhogs: Holes in your Linux server
XOR DDoS
2015-09-25Blaze's Security BlogBartBlaze
@online{bartblaze:20150925:notes:79b37fe, author = {BartBlaze}, title = {{Notes on Linux/Xor.DDoS}}, date = {2015-09-25}, organization = {Blaze's Security Blog}, url = {https://bartblaze.blogspot.com/2015/09/notes-on-linuxxorddos.html}, language = {English}, urldate = {2020-01-08} } Notes on Linux/Xor.DDoS
XOR DDoS
2015-09Virus BulletinPeter Kálnai, Jaromír Hořejší
@techreport{klnai:201509:ddos:21c35c6, author = {Peter Kálnai and Jaromír Hořejší}, title = {{DDOS TROJAN: A MALICIOUS CONCEPT THAT CONQUERED THE ELF FORMAT}}, date = {2015-09}, institution = {Virus Bulletin}, url = {https://www.virusbulletin.com/uploads/pdf/conference/vb2015/KalnaiHorejsi-VB2015.pdf}, language = {English}, urldate = {2020-01-08} } DDOS TROJAN: A MALICIOUS CONCEPT THAT CONQUERED THE ELF FORMAT
XOR DDoS
2015-02-05FireEyeMichael Lin, Derek Gooley
@online{lin:20150205:anatomy:91eb612, author = {Michael Lin and Derek Gooley}, title = {{Anatomy of a Brute Force Campaign: The Story of Hee Thai Limited}}, date = {2015-02-05}, organization = {FireEye}, url = {https://www.fireeye.com/blog/threat-research/2015/02/anatomy_of_a_brutef.html}, language = {English}, urldate = {2019-12-20} } Anatomy of a Brute Force Campaign: The Story of Hee Thai Limited
XOR DDoS
2015-01-06AvastPeter Kálnai
@online{klnai:20150106:linux:d8e30ec, author = {Peter Kálnai}, title = {{Linux DDoS Trojan hiding itself with an embedded rootkit}}, date = {2015-01-06}, organization = {Avast}, url = {https://blog.avast.com/2015/01/06/linux-ddos-trojan-hiding-itself-with-an-embedded-rootkit/}, language = {English}, urldate = {2020-02-25} } Linux DDoS Trojan hiding itself with an embedded rootkit
XOR DDoS
2014-09-29MalwareMustDieunixfreaxjp
@online{unixfreaxjp:20140929:mmd00282014:b04578f, author = {unixfreaxjp}, title = {{MMD-0028-2014 - Linux/XOR.DDoS: Fuzzy reversing a new China ELF}}, date = {2014-09-29}, organization = {MalwareMustDie}, url = {http://blog.malwaremustdie.org/2014/09/mmd-0028-2014-fuzzy-reversing-new-china.html}, language = {English}, urldate = {2019-11-27} } MMD-0028-2014 - Linux/XOR.DDoS: Fuzzy reversing a new China ELF
XOR DDoS

There is no Yara-Signature yet.