Home / malware Linux.Lightaidra
First posted on 02 December 2014.
Source: SymantecAliases :
There are no other names known for Linux.Lightaidra.
Explanation :
The worm propagates by scanning public IP addresses for telnet services and logging in to computers or devices using common username and password combinations.
The worm may connect to the following remote locations:irc.pollo.org 178.79.183.247192.3.205.154168.235.156.117
The worm contacts a hard-coded command-and-control server for instructions and reports successful logins back to this server.
The worm may then launch DDoS attacks from the compromised computer or device using floods of Transmission Control Protocol (TCP) packets, User Datagram Protocol (UDP) packets, or domain name system (DNS) requests.Last update 02 December 2014