The trojan transforming Linux-computers in a proxy is found out.
New threats for Linux-systems began to appear much more often, and found out by experts of the company «the Doctor the Web» trojan Linux. Proxy.10 - superfluous to volume the proof. Experts write that a malware has been found in January, 2017 and already has had time to infect some thousand devices.
As well as follows from the name, appropriated harmful, it is intended for start on the device of a victim of a SOCKS5-proxy of the server based on freely extended source codes of utility Satanic Socks Server. Malefactors use this trojan for maintenance of own anonymity on the Internet.
For distribution a malware hackers will become authorised on vulnerable sites, using SSH. Thus the list of sites, and also login and the password to them are stored on the server of malefactors. The list has the following appearance: "IP-adres:login:password". Researchers notice that users with such registration data as a rule are created in system by other Linux-trojans. That is Linux. Proxy.10 another gets on devices, or having standard options, or already infected Linux-malvarju. Through use of the aforementioned list the scenario which is carried out on infected devices by means of the utility sshpass is formed. And there is infection Linux. Proxy.10.
Also besides lists of vulnerable sites researchers have found out on servers of malefactors control panel Spy-Agent and assemblage of the harmful program for Windows, concerning known family of espionage trojans BackDoor. TeamViewer.
To be connected to a proxy started by means of Linux. Proxy.10, the nobility only an IP address of a device and number of port which remains in a body of the Trojan at its compilation suffices malefactors.
